CVE-2018-8245
First published: Thu Jun 14 2018(Updated: )
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Publisher | =2010-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-8245?
CVE-2018-8245 is a remote code execution vulnerability in Microsoft Publisher.
How does the vulnerability in CVE-2018-8245 occur?
The vulnerability in CVE-2018-8245 occurs when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects.
What is the severity level of CVE-2018-8245?
The severity level of CVE-2018-8245 is high, with a severity value of 7.8.
Which version of Microsoft Publisher is affected by CVE-2018-8245?
CVE-2018-8245 affects Microsoft Publisher 2010 with Service Pack 2 (SP2).
How can I find more information about CVE-2018-8245?
You can find more information about CVE-2018-8245 on the following references: [SecurityFocus](http://www.securityfocus.com/bid/104405), [SecurityTracker](http://www.securitytracker.com/id/1041105), and [Microsoft Security Advisory](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245).
- collector/nvd-index
- agent/references
- agent/tags
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft publisher
- version/microsoft publisher/2010-sp2