CVE-2018-8412
Summary
| CVE | CVE-2018-8412 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-15 17:29:00 UTC |
| Updated | 2018-10-23 17:55:00 UTC |
| Description | An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." This affects Microsoft Office. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Office For Mac | 2016 | All | All | All |
| Application | Microsoft | Office For Mac | 2016 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft AutoUpdate for Mac Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8412 | CONFIRM | portal.msrc.microsoft.com | Patch, Vendor Advisory |
| Microsoft Office CVE-2018-8412 Privilege Escalation Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.