VYPR
High severity8.8NVD Advisory· Published Feb 15, 2018· Updated Jun 17, 2026

CVE-2018-0851

CVE-2018-0851

Description

Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0852.

Affected products

2
  • Microsoft/Officellm-fuzzy
    Range: 2007 SP2, 2010 SP2, 2013 SP1, 2016, 2016 C2R
  • Microsoft Corporation/Microsoft Officev5
    Range: Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R).

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.