First published: Wed Mar 14 2018(Updated: )
Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability".
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Access | =2010-sp2 | |
Microsoft Access | =2013-sp1 | |
Microsoft Access | =2016 | |
Microsoft Office | =2016 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-0903 is a remote code execution vulnerability in Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run.
CVE-2018-0903 works by exploiting the way objects are handled in memory, allowing remote code execution.
The severity of CVE-2018-0903 is high, with a severity value of 7.8.
CVE-2018-0903 affects Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run.
To fix CVE-2018-0903, it is recommended to apply the necessary security updates provided by Microsoft.