Vulnerabilities > CVE-2018-8430 - Unspecified vulnerability in Microsoft Office and Word

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
microsoft
nessus

Summary

A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office.

Vulnerable Configurations

Part Description Count
Application
Microsoft
4

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS18_SEP_WORD.NASL
descriptionThe Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. (CVE-2018-8430)
last seen2020-06-01
modified2020-06-02
plugin id117426
published2018-09-11
reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/117426
titleSecurity Updates for Microsoft Word Products (September 2018)