Unrated severityNVD Advisory· Published Apr 12, 2018· Updated Aug 5, 2024

CVE-2018-1028

Description

A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.

Affected products

Microsoft/Wordv5
Range: Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Microsoft/Excelv5
Range: Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft/Microsoft Office Visiocpe-rescue
Range: 2010 Service Pack 2 (32-bit editions)
Microsoft/Microsoft Office SharePointcpe-rescue
Range: Enterprise Server 2016
Microsoft/Sharepoint Servercpe-rescue
Range: 2013 Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/103641mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1040654mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.027
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000