Unrated severityNVD Advisory· Published Sep 13, 2018· Updated Aug 5, 2024

CVE-2018-8332

Description

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

Affected products

Microsoft/Windowsllm-fuzzy
Microsoft/Office Visiocpe-rescue
Range: 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft/Windows 10 1909cpe-rescue
Range: 32-bit Systems
Microsoft/Windows Server 2003cpe-rescue
Range: version 1709 (Server Core Installation)
Microsoft/Windows 7cpe-rescue
Range: 32-bit Systems Service Pack 1
Microsoft/Windows 8.1cpe-rescue
Range: 32-bit systems
Microsoft/Windows Rt 8.1cpe-rescue
Range: Windows RT 8.1
Microsoft/Windows Server 2008cpe-rescue2 versions
32-bit Systems Service Pack 2+ 1 more
- (no CPE)range: 32-bit Systems Service Pack 2
- (no CPE)range: Itanium-Based Systems Service Pack 1
Microsoft/Windows Server 2012cpe-rescue2 versions
(Server Core installation)+ 1 more
- (no CPE)range: (Server Core installation)
- (no CPE)range: (Server Core installation)
Microsoft/Windows Server 2016cpe-rescue
Range: (Server Core installation)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105248mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041628mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8332mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.029
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000