CVE-2018-8378

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server_2013:-:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:*
cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

Information

Published : 2018-08-15 10:29

Updated : 2020-08-24 10:37


NVD link : CVE-2018-8378

Mitre link : CVE-2018-8378


JSON object : View

CWE
CWE-125

Out-of-bounds Read

CWE-908

Use of Uninitialized Resource

Advertisement

dedicated server usa

Products Affected

microsoft

  • sharepoint_enterprise_server_2016
  • excel_viewer
  • word_automation_services
  • office_compatibility_pack
  • sharepoint_server
  • office
  • office_word_viewer
  • sharepoint_enterprise_server_2013
  • office_web_apps