Microsoft Office Memory Corruption Vulnerability

Added Nov. 3, 2021 • Due May 3, 2022 • CVE-2018-0798

Overdue Microsoft / Office CWE-787

Description

Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0802.

Required Action

Apply updates per vendor instructions.

References

https://nvd.nist.gov/vuln/detail/CVE-2018-0798

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 4 months, 2 weeks ago