VYPR
High severity8.8NVD Advisory· Published Feb 15, 2018· Updated Jun 17, 2026

CVE-2018-0852

CVE-2018-0852

Description

Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0851.

Affected products

2
  • Range: multiple versions (2007 SP3, 2010 SP2, 2013 SP1, 2016, Office 2016 C2R)
  • Microsoft Corporation/Microsoft Officev5
    Range: Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R).

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.