Home

CVE-2018-1027

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka Microsoft Excel Remote Code Execution Vulnerability. This affects Microsoft Excel, Microsoft Office. This CVE ID is unique from CVE-2018-0920, CVE-2018-1011, CVE-2018-1029.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
37.412

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2010 (KB4018362) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2010 (KB4018362) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB4018350) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB4018350) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB4011717)Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office Excel 2007 (KB4018353)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-24317Security Update for Microsoft Excel 2010 (KB4018362) 64-Bit Edition
PATCH-24318Security Update for Microsoft Excel 2010 (KB4018362) 32-Bit Edition
PATCH-24329Security Update for Microsoft Excel 2013 (KB4018350) 64-Bit Edition
PATCH-24330Security Update for Microsoft Excel 2013 (KB4018350) 32-Bit Edition
PATCH-24351Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011717)
PATCH-24314Security Update for Microsoft Office Excel 2007 (KB4018353)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234