Unrated severityNVD Advisory· Published Aug 15, 2018· Updated Aug 5, 2024

CVE-2018-8378

Description

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.

Affected products

Microsoft/Wordv5
Range: Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Microsoft/Excel Viewercpe-rescue
Range: 2007 Service Pack 3
Microsoft/Microsoft Office Visiocpe-rescue
Range: 2010 Service Pack 2 (32-bit editions)
Microsoft/Office Word Viewercpe-rescue
Range: Microsoft Office Word Viewer
Microsoft/Microsoft Office SharePointcpe-rescue
Range: Enterprise Server 2013 Service Pack 1
Microsoft/Sharepoint Servercpe-rescue
Range: 2013 Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/104996mitrevdb-entryx_refsource_BID
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.026
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000