CVE-2018-0802
Description
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
- CVSS Version 3.1
- CVSS Version 2.0
CVE ID: CVE-2018-0802
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8
CVE ID: CVE-2018-0802
Base Score: 9.3
Base Severity: HIGH
Vector String:AV:N/AC:M/Au:N/C:C/I:C/A:C
Proof Of Concept
zldww2011
Exploit the vulnerability to execute the calculator
Refrence: GitHub
rxwx
PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
Refrence: GitHub
Ridter
PoC for CVE-2018-0802 And CVE-2017-11882
Refrence: GitHub
likekabin
Refrence: GitHub
roninAPT
Refrence: GitHub
Abdibimantara
Pada bulan maret 2023, terdapat sample baru yang terindentifikasi sebagai malware. Malware tersebut berasal dari file berekstensi.xls dan .doc dan dikenal dengan nama “Bank Slip.xls”. Aktivitas malware tersebut memiliki hubungan dengan kerentanan yang dikenal dengan id CVE-2017-11882 dan CVE-2018-0802.
Refrence: GitHub
Content on GitHub
Palvinder-Singh | watchers:4
PS_CVE2018-0802
Refrence: GitHub
Refrence: NVD