7.8

CVE-2018-0903

Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftAccess Version2010 Updatesp2
MicrosoftAccess Version2013 Updatesp1
MicrosoftAccess Version2016
MicrosoftOffice Version2016 SwEditionclick-to-run
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 16.58% 0.966
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/103315
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040503
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0903
Patch
Vendor Advisory