Home

CVE-2018-8310

Description

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka Microsoft Office Tampering Vulnerability. This affects Microsoft Word, Microsoft Office.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
10.552

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Tampering Vulnerability for Microsoft Word 2016 (KB4022218) 64-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Word 2016 (KB4022218) 32-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Word 2013 (KB4022224) 64-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Word 2013 (KB4022224) 32-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Office 2010 (KB4022200) 64-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Office 2010 (KB4022200) 32-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Word 2010 (KB4022202) 64-Bit EditionWindows
Microsoft Office Tampering Vulnerability for Microsoft Word 2010 (KB4022202) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-24875Security Update for Microsoft Word 2016 (KB4022218) 64-Bit Edition
PATCH-24874Security Update for Microsoft Word 2016 (KB4022218) 32-Bit Edition
PATCH-24866Security Update for Microsoft Word 2013 (KB4022224) 64-Bit Edition
PATCH-24867Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition
PATCH-24863Security Update for Microsoft Office 2010 (KB4022200) 64-Bit Edition
PATCH-24862Security Update for Microsoft Office 2010 (KB4022200) 32-Bit Edition
PATCH-24865Security Update for Microsoft Word 2010 (KB4022202) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234