How severe is CVE-2018-3983?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2018-3983?

This is classified as CWE-824, which is a common weakness in software security.

CVE-2018-3983

HIGH Year: 2018

CVSS v3 Score

8.8

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-824

View all →

Vulnerability Description

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this uninitialized pointer can allow an attacker to corrupt heap memory resulting in code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.

CVE-2015-1770

HIGH

CVSS:8.8(High)

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

CWE-8242015

CVE-2016-1005

HIGH

CVSS:8.8(High)

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ado...

CWE-8242016

CVE-2016-4343

HIGH

CVSS:8.8(High)

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service ...

CWE-8242016

CVE-2017-16377

HIGH

CVSS:8.8(High)

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. Th...

CWE-8242017

CVE-2017-16378

HIGH

CVSS:8.8(High)

CWE-8242017

CVE-2018-3842

HIGH

CVSS:8.8(High)

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an un...

CWE-8242018

CVE-2018-3983

Vulnerability Description

Related Vulnerabilities

CVE-2015-1770

CVE-2016-1005

CVE-2016-4343

CVE-2017-16377

CVE-2017-16378

CVE-2018-3842