Back to KEVs

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution...

Basic Information

CVE State
PUBLISHED
Reserved Date
December 01, 2017
Published Date
January 10, 2018
Last Updated
February 07, 2025
Vendor
Microsoft
Product
Equation Editor
Description
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
Tags
cisa microsoft

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2021-02-20 02:34:16 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802 https://github.com/rxwx/CVE-2018-0802 http://www.securitytracker.com/id/1040153 https://0patch.blogspot.com/2018/01/the-bug-that-killed-equation-editor-how.html http://www.securityfocus.com/bid/102347 https://github.com/zldww2011/CVE-2018-0802_POC https://research.checkpoint.com/another-office-equation-rce-vulnerability/

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

roninAPT/CVE-2018-0802

Type: github • Created: 2021-02-20 02:34:16 UTC • Stars: 0

rxwx/CVE-2018-0802

Type: github • Created: 2018-01-11 09:43:46 UTC • Stars: 270

PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)

zldww2011/CVE-2018-0802_POC

Type: github • Created: 2018-01-11 09:16:32 UTC • Stars: 68

Exploit the vulnerability to execute the calculator

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Added to KEVIntel