Home

CVE-2018-0950

Description

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka Microsoft Office Information Disclosure Vulnerability. This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
10.722

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB4018354)Windows
Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2010 (KB4018357) 64-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2010 (KB4018357) 32-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Office Word 2007 (KB4018355)Windows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2013 (KB4018347) 64-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2013 (KB4018347) 32-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2010 (KB4018359) 64-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2010 (KB4018359) 32-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2016 (KB4018339) 32-Bit EditionWindows
Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2016 (KB4018339) 64-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-24352Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4018354)
PATCH-24322Security Update for Microsoft Office 2010 (KB4018357) 64-Bit Edition
PATCH-24320Security Update for Microsoft Office 2010 (KB4018357) 32-Bit Edition
PATCH-24315Security Update for Microsoft Office Word 2007 (KB4018355)
PATCH-24337Security Update for Microsoft Word 2013 (KB4018347) 64-Bit Edition
PATCH-24338Security Update for Microsoft Word 2013 (KB4018347) 32-Bit Edition
PATCH-24326Security Update for Microsoft Word 2010 (KB4018359) 32-Bit Edition
PATCH-24348Security Update for Microsoft Word 2016 (KB4018339) 32-Bit Edition
PATCH-24349Security Update for Microsoft Word 2016 (KB4018339) 64-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234