{"cve":{"cve_id":"CVE-2018-1028","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.19113,"epss_percentile":0.96956,"epss_as_of":"2026-06-23","description":"A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka \"Microsoft Office Graphics Remote Code Execution Vulnerability.\" This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.","published_at":"2018-04-12T01:00:00Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028","http://www.securitytracker.com/id/1040654","http://www.securityfocus.com/bid/103641"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:10:33.420580Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"excel","product_name":"Excel","version_start":"Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1","version_start_inclusive":true,"version_end":"Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:excel:Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1:Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2010 Service Pack 2 (32-bit editions)","version_start_inclusive":true,"version_end":"2010 Service Pack 2 (32-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2010 Service Pack 2 (32-bit editions):2010 Service Pack 2 (32-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2010 Service Pack 2 (64-bit editions)","version_start_inclusive":true,"version_end":"2010 Service Pack 2 (64-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2010 Service Pack 2 (64-bit editions):2010 Service Pack 2 (64-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2013 RT Service Pack 1","version_start_inclusive":true,"version_end":"2013 RT Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2013 RT Service Pack 1:2013 RT Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2013 Service Pack 1 (32-bit editions)","version_start_inclusive":true,"version_end":"2013 Service Pack 1 (32-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2013 Service Pack 1 (32-bit editions):2013 Service Pack 1 (32-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2013 Service Pack 1 (64-bit editions)","version_start_inclusive":true,"version_end":"2013 Service Pack 1 (64-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2013 Service Pack 1 (64-bit editions):2013 Service Pack 1 (64-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2016 (32-bit edition)","version_start_inclusive":true,"version_end":"2016 (32-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2016 (32-bit edition):2016 (32-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"2016 (64-bit edition)","version_start_inclusive":true,"version_end":"2016 (64-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:2016 (64-bit edition):2016 (64-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"Web Apps 2010 Service Pack 2","version_start_inclusive":true,"version_end":"Web Apps 2010 Service Pack 2","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:Web Apps 2010 Service Pack 2:Web Apps 2010 Service Pack 2"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-office","product_name":"Microsoft Office","version_start":"Web Apps Server 2013 Service Pack 1","version_start_inclusive":true,"version_end":"Web Apps Server 2013 Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-office:Web Apps Server 2013 Service Pack 1:Web Apps Server 2013 Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-sharepoint","product_name":"Microsoft SharePoint","version_start":"Enterprise Server 2016","version_start_inclusive":true,"version_end":"Enterprise Server 2016","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-sharepoint:Enterprise Server 2016:Enterprise Server 2016"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-sharepoint-server","product_name":"Microsoft SharePoint Server","version_start":"2013 Service Pack 1","version_start_inclusive":true,"version_end":"2013 Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-sharepoint-server:2013 Service Pack 1:2013 Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"word","product_name":"Word","version_start":"Automation Services on Microsoft SharePoint Server 2013 Service Pack 1","version_start_inclusive":true,"version_end":"Automation Services on Microsoft SharePoint Server 2013 Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:word:Automation Services on Microsoft SharePoint Server 2013 Service Pack 1:Automation Services on Microsoft SharePoint Server 2013 Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"word","product_name":"Word","version_start":"Automation Services on Microsoft SharePoint Server 2010 Service Pack 2","version_start_inclusive":true,"version_end":"Automation Services on Microsoft SharePoint Server 2010 Service Pack 2","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:word:Automation Services on Microsoft SharePoint Server 2010 Service Pack 2:Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"}],"exploit_refs":[],"news":[],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.securitytracker.com/id/1040654","source_type":"MISC","tags":[]},{"url":"http://www.securityfocus.com/bid/103641","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2018-04-12T01:00:00Z","label":"CVE published","source":null}]}