Home

CVE-2018-8245

Description

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka Microsoft Publisher Remote Code Execution Vulnerability. This affects Microsoft Publisher.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
31.892

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Elevation of Privilege Vulnerability for Microsoft Publisher 2010 (KB4011186) 64-Bit EditionWindows
Microsoft Office Elevation of Privilege Vulnerability for Microsoft Publisher 2010 (KB4011186) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-24728Security Update for Microsoft Publisher 2010 (KB4011186) 64-Bit Edition
PATCH-24729Security Update for Microsoft Publisher 2010 (KB4011186) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234