CVE-2018-8378

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server_2013:-:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

History

21 Nov 2024, 04:13

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/104996 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/104996 - Third Party Advisory, VDB Entry
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378 - Patch, Vendor Advisory

Information

Published : 2018-08-15 17:29

Updated : 2024-11-21 04:13


NVD link : CVE-2018-8378

Mitre link : CVE-2018-8378

CVE.ORG link : CVE-2018-8378


JSON object : View

Products Affected

microsoft

  • office_compatibility_pack
  • sharepoint_server
  • sharepoint_enterprise_server_2016
  • excel_viewer
  • word_automation_services
  • office_web_apps
  • office_word_viewer
  • sharepoint_enterprise_server_2013
  • office
CWE
CWE-125

Out-of-bounds Read

CWE-908

Use of Uninitialized Resource