CVE-2018-8429

MEDIUM

Description

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

References

http://www.securityfocus.com/bid/105219

http://www.securitytracker.com/id/1041630

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429

Details

Source: MITRE

Published: 2018-09-13

Updated: 2018-11-01

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (4 total)

IDNameProductFamilySeverity
117424Security Updates for Microsoft Office Compatibility Products (September 2018)NessusWindows : Microsoft Bulletins
medium
117422Security Updates for Microsoft Office Viewer Products (September 2018)NessusWindows : Microsoft Bulletins
medium
117421Security Updates for Microsoft Excel Products (September 2018)NessusWindows : Microsoft Bulletins
medium
117409Security Update for Microsoft Office (September 2018) (macOS)NessusMacOS X Local Security Checks
high