CVE-2018-8627

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_365_proplus
-
microsoftoffice_compatibility_pack
-
microsoft365_apps
𝑥
< 1811
microsoftoffice
𝑥
< 1811
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/106120
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627
http://www.securityfocus.com/bid/106120
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627