Lucene search

[email protected]CVE-2018-8378

HistoryAug 15, 2018 - 5:29 p.m.

CVE-2018-8378

2018-08-1517:29:07

CWE-908

CWE-125

[email protected]

web.nvd.nist.gov

144

microsoft office

information disclosure

cve-2018-8378

security vulnerability

memory disclosure

uninitialized variable

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.1%

JSON

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka “Microsoft Office Information Disclosure Vulnerability.” This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.

Affected configurations

Vulners

NVD

Node

microsoftword

microsoftsharepoint_serverMatch2013 Service Pack 1

microsoftoffice_word_viewer

microsoftexcel_viewer

microsoftsharepoint_services

microsoftoffice

VendorProductVersionCPE
microsoftword*cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*
microsoftsharepoint_server2013 Service Pack 1cpe:2.3:a:microsoft:sharepoint_server:2013 Service Pack 1:*:*:*:*:*:*:*
microsoftoffice_word_viewer*cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*
microsoftexcel_viewer*cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*
microsoftsharepoint_services*cpe:2.3:a:microsoft:sharepoint_services:*:*:*:*:*:*:*:*
microsoftsharepoint_services*cpe:2.3:a:microsoft:sharepoint_services:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	word	*	cpe:2.3:a:microsoft:word::::::::
microsoft	sharepoint_server	2013 Service Pack 1	cpe:2.3:a:microsoft:sharepoint_server:2013 Service Pack 1:::::::*
microsoft	office_word_viewer	*	cpe:2.3:a:microsoft:office_word_viewer::::::::
microsoft	excel_viewer	*	cpe:2.3:a:microsoft:excel_viewer::::::::
microsoft	sharepoint_services	*	cpe:2.3:a:microsoft:sharepoint_services::::::::
microsoft	sharepoint_services	*	cpe:2.3:a:microsoft:sharepoint_services::::::::
microsoft	office	*	cpe:2.3:a:microsoft:office::::::::
microsoft	office	*	cpe:2.3:a:microsoft:office::::::::
microsoft	office	*	cpe:2.3:a:microsoft:office::::::::
microsoft	office	*	cpe:2.3:a:microsoft:office::::::::

Rows per page:

1-10 of 171

CNA Affected

[
  {
    "product": "Word",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2013 Service Pack 1"
      }
    ]
  },
  {
    "product": "Microsoft Office Word Viewer",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Office Word Viewer"
      }
    ]
  },
  {
    "product": "Microsoft Excel Viewer",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2007 Service Pack 3"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Enterprise Server 2013 Service Pack 1"
      },
      {
        "status": "affected",
        "version": "Enterprise Server 2016"
      }
    ]
  },
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 RT Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 Click-to-Run (C2R) for 32-bit editions"
      },
      {
        "status": "affected",
        "version": "2016 Click-to-Run (C2R) for 64-bit editions"
      },
      {
        "status": "affected",
        "version": "Web Apps 2010 Service Pack 2"
      },
      {
        "status": "affected",
        "version": "Web Apps 2013 Service Pack 1"
      }
    ]
  }
]