CVE-2018-8627

Published: Dec 12, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.

Vendor	Product	Versions
Microsoft	Microsoft Office	affected `2010 Service Pack 2 (32-bit editions)` affected `2010 Service Pack 2 (64-bit editions)` affected `2016 for Mac` affected `2019 for 32-bit editions` affected `2019 for 64-bit editions` +2 more versions
Microsoft	Microsoft Excel	affected `2010 Service Pack 2 (32-bit editions)` affected `2010 Service Pack 2 (64-bit editions)` affected `2013 RT Service Pack 1` affected `2013 Service Pack 1 (32-bit editions)` affected `2013 Service Pack 1 (64-bit editions)` +2 more versions
Microsoft	Microsoft Excel Viewer	affected `2007 Service Pack 3`
Microsoft	Excel	affected `Services on Microsoft SharePoint Server 2010 Service Pack 2`
Microsoft	Office	affected `365 ProPlus for 32-bit Systems` affected `365 ProPlus for 64-bit Systems`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627

x_refsource_CONFIRM

106120

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8627

Description

Affected Products

References