CVE-2018-8627

Summary

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Office2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Office2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Office2016 for Macaffected
MicrosoftMicrosoft Office2019 for 32-bit editionsaffected
MicrosoftMicrosoft Office2019 for 64-bit editionsaffected
MicrosoftMicrosoft Office2019 for Macaffected
MicrosoftMicrosoft OfficeCompatibility Pack Service Pack 3affected
MicrosoftMicrosoft Excel2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Excel2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Excel2013 RT Service Pack 1affected
MicrosoftMicrosoft Excel2013 Service Pack 1 (32-bit editions)affected
MicrosoftMicrosoft Excel2013 Service Pack 1 (64-bit editions)affected
MicrosoftMicrosoft Excel2016 (32-bit edition)affected
MicrosoftMicrosoft Excel2016 (64-bit edition)affected
MicrosoftMicrosoft Excel Viewer2007 Service Pack 3affected
MicrosoftExcelServices on Microsoft SharePoint Server 2010 Service Pack 2affected
MicrosoftOffice365 ProPlus for 32-bit Systemsaffected
MicrosoftOffice365 ProPlus for 64-bit Systemsaffected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References