CVE-2018-0802 (7 PoC Exploits Available)

7.8

7.8 / 10
HIGH

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

Weakness: Out-of-bounds Write

The software writes data past the end, or before the beginning, of the intended buffer.

Published: 2018-01-10

Researcher Credit

Yuki Chen
Netanel Ben Simon
Jinquan
bee13oy

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2018-0802 Exploits (7)

rxwx/CVE-2018-0802 ( 267)
Ridter/RTF_11882_0802 ( 158)
zldww2011/CVE-2018-0802_POC ( 70)
likescam/CVE-2018-0802_CVE-2017-11882 ( 10)
dcsync/rtfkit ( 5)
roninAPT/CVE-2018-0802
daedalus1/CVE-2018-0802

Official CVE References

View references (7)

securityfocus.com/bid/102347
securitytracker.com/id/1040153
blogspot.com/2018/01/the-bug-that-killed-equation-editor-how.html
rxwx/CVE-2018-0802
zldww2011/CVE-2018-0802_POC
msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802
checkpoint.com/another-office-equation-rce-vulnerability/