Published: 15/08/2018 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sharepoint server 2013
microsoft sharepoint enterprise server 2013 -
microsoft sharepoint enterprise server 2016 -
microsoft office compatibility pack -
microsoft office 2013
microsoft office 2010
microsoft office web apps 2010
microsoft office 2016
microsoft excel viewer 2007
microsoft office web apps 2013
microsoft office word viewer -
microsoft word_automation_services -

Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed

The Register • Shaun Nichols in San Francisco • 14 Aug 2018

Summertiiiiiime, and the hacking is easy Oracle: Run, don't walk, to patch this critical Database takeover bug

Microsoft and Adobe have teamed up to deliver more than 70 patches with this month's Patch Tuesday batch released today. Microsoft contributed the bulk of the fixes emitted this month, kicking out updates for 60 CVE-listed vulnerabilities in its products. These should be installed as soon as you're able to test and deploy them. Among the highest priorities are a pair of zero-day bugs that are right now being exploited in the wild to compromise victims' Windows PCs. CVE-2018-8373, a remote code e...

CVE-2018-8378

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect