CVE-2018-8302

Description

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.

Affected products

• Microsoft / Microsoft Exchange Server2010 Service Pack 3 Update Rollup 23 – 2010 Service Pack 3 Update Rollup 23
• Microsoft / Microsoft Exchange Server2013 Cumulative Update 20 – 2013 Cumulative Update 20
• Microsoft / Microsoft Exchange Server2013 Cumulative Update 21 – 2013 Cumulative Update 21
• Microsoft / Microsoft Exchange Server2016 Cumulative Update 10 – 2016 Cumulative Update 10
• Microsoft / Microsoft Exchange Server2016 Cumulative Update 9 – 2016 Cumulative Update 9

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302
• MISChttp://www.securityfocus.com/bid/104973
• MISChttp://www.securitytracker.com/id/1041468