CVE-2018-0798

HIGH KEV

Microsoft Word - Out-of-Bounds Write

Title source: rule

Description

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

Exploits (1)

nomisec WRITEUP

by Sunqiz · poc

https://github.com/Sunqiz/CVE-2018-0798-reproduction

View Code ZIP pw:eip

References (5)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/102370

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1040153

[Third Party Advisory] https://0patch.blogspot.com/2018/01/bringing-abandoned-equation-editor-back.html

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0798

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0798

Scores

CVSS v3 8.8

EPSS 0.9406

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03

VulnCheck KEV 2018-11-29

InTheWild.io 2021-07-23

ENISA EUVD EUVD-2018-1604

CWE

CWE-787

Status published

Products (9)

microsoft/office 2007 sp3

microsoft/office 2010 sp2

microsoft/office 2013 sp1

microsoft/office 2016 (2 CPE variants)

microsoft/office_compatibility_pack

microsoft/word 2007 sp3

microsoft/word 2010 sp2

microsoft/word 2013 sp1 (2 CPE variants)

microsoft/word 2016

Published Jan 10, 2018

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026