CVE-2018-0798
Microsoft Office Memory Corruption Vulnerability
CVSS
—
No CVSS
EPSS
95.1%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
95.1%EPSS · 30 days95.1%
2026-06-302026-07-16
Product
Microsoft / Office
Vulnerability
Microsoft Office Memory Corruption Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0802.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-0798
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-11882—100.0%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2023-23397—99.9%
KEV—80Microsoft Office Outlook Privilege Escalation Vulnerability—CVE-2015-1641—99.9%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2018-0802—99.8%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2010-3333—99.8%
KEV—80Microsoft Office Stack-based Buffer Overflow Vulnerability—CVE-2017-8570—99.8%
KEV—80Microsoft Office Remote Code Execution Vulnerability—