Remote Code Execution Vulnerability in Microsoft InfoPath
CVE-2018-8173

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Infopath
Vendor
CVE Published:
9 May 2018

What is CVE-2018-8173?

A vulnerability in Microsoft InfoPath allows attackers to execute arbitrary code due to improper handling of objects in memory. When exploited, this flaw could enable unauthorized access to sensitive information and control over the affected system, potentially leading to data breaches or other malicious activities. Users of Microsoft InfoPath are advised to apply security patches and follow best practices to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft Infopath 2013 Service Pack 1 (32-bit edition)

Microsoft Infopath 2013 Service Pack 1 (64-bit edition)

References

http://www.securityfocus.com/bid/104069
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040855
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

EPSS Score

33% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.