CVE-2018-8430

Description

A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office.

Affected products

• Microsoft / Microsoft Office2016 Click-to-Run (C2R) for 32-bit editions – 2016 Click-to-Run (C2R) for 32-bit editions
• Microsoft / Microsoft Office2016 Click-to-Run (C2R) for 64-bit editions – 2016 Click-to-Run (C2R) for 64-bit editions
• Microsoft / Microsoft Word2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
• Microsoft / Microsoft Word2013 RT Service Pack 1 – 2013 RT Service Pack 1
• Microsoft / Microsoft Word2016 (64-bit edition) – 2016 (64-bit edition)
• Microsoft / Microsoft Word2016 (32-bit edition) – 2016 (32-bit edition)
• Microsoft / Microsoft Word2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8430
• MISChttp://www.securityfocus.com/bid/105212
• MISChttp://www.securitytracker.com/id/1041638