This issue has been assigned a CVE ID – CVE-2018-5124. The attack vector for this vulnerability is through consumption of a malicious .dwf or .pct file through DesignReview.exe process.
In order to exploit this vulnerability, an attacker would have to supply a specially crafted .dwf or .pct file which could lead to memory corruption vulnerability. This issue has been assigned a CVE ID – CVE-2018-5124.
The update for this issue has been released and can be downloaded from the Microsoft Update Catalog.
CVE-2018-5125: Microsoft Edge Memory corruption vulnerability in EdgeHTML in Microsoft Windows 10 could allow an attacker to exploit this vulnerability by convincing a user to visit a specially crafted website. The update for this issue has been released and can be downloaded from the Microsoft Update Catalog.
CVE-2018-5126: Microsoft Graphics Components Components in Microsoft Windows 10 could allow an attacker to exploit this vulnerability by convincing a user to visit a specially crafted website. The update for this issue has been released and can be downloaded from the Microsoft Update Catalog.
CVE-2018-5127: Microsoft Graphics Components Components in Microsoft Windows 10 could allow an attacker to exploit this vulnerability by convincing a user to visit a specially crafted website. The update for this issue has been released and can be downloaded from the Microsoft Update Catalog.
CVE-2018-5128: Microsoft Office Microsoft Office software could allow an attacker to
Microsoft Office Software
CVE-2018-5129: Microsoft SharePoint Server Microsoft SharePoint Server software could allow an attacker to
Timeline
Published on: 10/21/2022 16:15:00 UTC
Last modified on: 10/24/2022 13:32:00 UTC