Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0950: Microsoft Office Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2018-0950: Microsoft Office Information Disclosure Vulnerability

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
04/10/2018
Created
07/25/2018
Added
04/10/2018
Modified
08/21/2019

Description

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email. A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password. The security update addresses the vulnerability by correcting how Office processes OLE objects.

Solution(s)

  • msft-kb4018347-06cc22a2-1001-42da-8739-68396fc0d67f
  • msft-kb4018347-7f47c53b-db37-494f-8101-29e3541b353c
  • msft-kb4018354-6f83ae0a-b693-4ae2-a6fd-ab40d06efe99
  • msft-kb4018355-117b0737-185c-48a6-a0f1-c2793a9d1841
  • msft-kb4018357-207130f6-3078-4c1f-9cb9-0174168aaf66
  • msft-kb4018357-5d4a2663-13d8-4338-bc0e-0b0c56f133bb
  • msft-kb4018359-3787da0b-ce95-4911-a5df-1c7e262aa4b4
  • msft-kb4018359-6dafe5bd-f78e-4cde-bb3d-a610c31185f7

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;