HTTP: Microsoft Powerpoint CVE-2018-8628 Remote Code Execution

This signature detects an attempt to exploit an use after free vulnerability in Microsoft Powerpoint. Successful exploitation could lead to remote code execution.

Extended Description

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.

Affected Products

Microsoft office_365_proplus

References

BugTraq: 106104

CVE: CVE-2018-8628

Short Name
HTTP:STC:CVE-2018-8628-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-8628 Code Execution Microsoft Powerpoint Remote bid:106104
Release Date
12/13/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?