Search
Find a vulnerability
Search criteria
412 vulnerabilities found for office_compatibility_pack by microsoft
CVE-2019-0669 (GCVE-0-2019-0669)
Vulnerability from cvelistv5 – Published: 2019-03-06 00:00 – Updated: 2024-08-04 17:51
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
Severity
No CVSS data available.
CWE
- Security Feature Bypass
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106897 | vdb-entryx_refsource_BID |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
unspecified
|
|
| Microsoft | Office 365 ProPlus |
Affected:
32-bit Systems
Affected: 64-bit Systems |
|
| Microsoft | Microsoft Office Compatibility Pack |
Affected:
Service Pack 3
|
Date Public
2019-03-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106897"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Office 365 ProPlus",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems"
},
{
"status": "affected",
"version": "64-bit Systems"
}
]
},
{
"product": "Microsoft Office Compatibility Pack",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Service Pack 3"
}
]
}
],
"datePublic": "2019-03-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106897"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Office 365 ProPlus",
"version": {
"version_data": [
{
"version_value": "32-bit Systems"
},
{
"version_value": "64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Office Compatibility Pack",
"version": {
"version_data": [
{
"version_value": "Service Pack 3"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Feature Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106897"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0669",
"datePublished": "2019-03-06T00:00:00.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:51:27.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8627 (GCVE-0-2018-8627)
Vulnerability from cvelistv5 – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106120 | vdb-entryx_refsource_BID |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Excel |
Affected:
Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Excel",
"version": {
"version_data": [
{
"version_value": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8627",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8628 (GCVE-0-2018-8628)
Vulnerability from cvelistv5 – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106104 | vdb-entryx_refsource_BID |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 Affected: Web Apps 2010 Service Pack 2 Affected: Web Apps 2013 Service Pack 1 |
|
| Microsoft | Microsoft PowerPoint |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft SharePoint |
Affected:
Enterprise Server 2016
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
Microsoft PowerPoint Viewer
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Office Online Server |
Affected:
Office Online Server
|
|
| Microsoft | Microsoft SharePoint Server |
Affected:
2013 Service Pack 1
Affected: 2019 |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps 2010 Service Pack 2"
},
{
"status": "affected",
"version": "Web Apps 2013 Service Pack 1"
}
]
},
{
"product": "Microsoft PowerPoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft SharePoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Enterprise Server 2016"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft PowerPoint Viewer"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Office Online Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Office Online Server"
}
]
},
{
"product": "Microsoft SharePoint Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1"
},
{
"status": "affected",
"version": "2019"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps 2010 Service Pack 2"
},
{
"version_value": "Web Apps 2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft PowerPoint",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value": "Enterprise Server 2016"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft PowerPoint Viewer"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Office Online Server",
"version": {
"version_data": [
{
"version_value": "Office Online Server"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1"
},
{
"version_value": "2019"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8628",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8597 (GCVE-0-2018-8597)
Vulnerability from cvelistv5 – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106100 | vdb-entryx_refsource_BID |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106100"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8597",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8597",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8577 (GCVE-0-2018-8577)
Vulnerability from cvelistv5 – Published: 2018-11-14 01:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105834 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1042134 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 Affected: Web Apps Server 2013 Service Pack 1 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Excel |
Affected:
Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
Date Public
2018-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105834",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps Server 2013 Service Pack 1"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
}
],
"datePublic": "2018-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105834",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps Server 2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Excel",
"version": {
"version_data": [
{
"version_value": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105834",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042134"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8577",
"datePublished": "2018-11-14T01:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8432 (GCVE-0-2018-8432)
Vulnerability from cvelistv5 – Published: 2018-10-10 13:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105458 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041823 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 7 |
Affected:
32-bit Systems Service Pack 1
Affected: x64-based Systems Service Pack 1 |
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
2007
|
|
| Microsoft | Windows Server 2019 |
Affected:
(Server Core installation)
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Windows Server 2008 R2 |
Affected:
Itanium-Based Systems Service Pack 1
Affected: x64-based Systems Service Pack 1 Affected: x64-based Systems Service Pack 1 (Server Core installation) |
|
| Microsoft | Windows 10 |
Affected:
Version 1809 for 32-bit Systems
Affected: Version 1809 for x64-based Systems |
|
| Microsoft | Windows Server 2008 |
Affected:
32-bit Systems Service Pack 2
Affected: 32-bit Systems Service Pack 2 (Server Core installation) Affected: Itanium-Based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 (Server Core installation) |
Date Public
2018-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105458",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007"
}
]
},
{
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Windows Server 2008 R2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1 (Server Core installation)"
}
]
},
{
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1809 for x64-based Systems"
}
]
},
{
"product": "Windows Server 2008",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
],
"datePublic": "2018-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Remote Code Execution Vulnerability.\" This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105458",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows 7",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "2007"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_value": "(Server Core installation)"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Windows Server 2008 R2",
"version": {
"version_data": [
{
"version_value": "Itanium-Based Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
}
]
}
},
{
"product_name": "Windows 10",
"version": {
"version_data": [
{
"version_value": "Version 1809 for 32-bit Systems"
},
{
"version_value": "Version 1809 for x64-based Systems"
}
]
}
},
{
"product_name": "Windows Server 2008",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 2"
},
{
"version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"version_value": "Itanium-Based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Remote Code Execution Vulnerability.\" This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105458",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8432",
"datePublished": "2018-10-10T13:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8427 (GCVE-0-2018-8427)
Vulnerability from cvelistv5 – Published: 2018-10-10 13:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1041823 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/105453 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Windows Server 2008 |
Affected:
32-bit Systems Service Pack 2
Affected: 32-bit Systems Service Pack 2 (Server Core installation) Affected: Itanium-Based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 (Server Core installation) |
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
2007
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
Date Public
2018-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105453"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Windows Server 2008",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
}
],
"datePublic": "2018-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105453"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Windows Server 2008",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 2"
},
{
"version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"version_value": "Itanium-Based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "2007"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105453"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8427",
"datePublished": "2018-10-10T13:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8429 (GCVE-0-2018-8429)
Vulnerability from cvelistv5 – Published: 2018-09-13 00:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/105219 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041630 | vdb-entryx_refsource_SECTRACK |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 Click-to-Run (C2R) for 32-bit editions
Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: 2016 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8429",
"datePublished": "2018-09-13T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8378 (GCVE-0-2018-8378)
Vulnerability from cvelistv5 – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104996 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Word |
Affected:
Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Microsoft SharePoint Server |
Affected:
2013 Service Pack 1
|
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft SharePoint |
Affected:
Enterprise Server 2013 Service Pack 1
Affected: Enterprise Server 2016 |
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: Web Apps 2010 Service Pack 2 Affected: Web Apps 2013 Service Pack 1 |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104996",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104996"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Microsoft SharePoint Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft SharePoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Enterprise Server 2013 Service Pack 1"
},
{
"status": "affected",
"version": "Enterprise Server 2016"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "Web Apps 2010 Service Pack 2"
},
{
"status": "affected",
"version": "Web Apps 2013 Service Pack 1"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104996",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104996"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Word",
"version": {
"version_data": [
{
"version_value": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value": "Enterprise Server 2013 Service Pack 1"
},
{
"version_value": "Enterprise Server 2016"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "Web Apps 2010 Service Pack 2"
},
{
"version_value": "Web Apps 2013 Service Pack 1"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104996"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8378",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8375 (GCVE-0-2018-8375)
Vulnerability from cvelistv5 – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104989 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041463 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041463"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8375",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8382 (GCVE-0-2018-8382)
Vulnerability from cvelistv5 – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105000 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041463 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105000",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105000",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041463"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8382",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8281 (GCVE-0-2018-8281)
Vulnerability from cvelistv5 – Published: 2018-07-11 00:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1041252 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/104609 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
Microsoft Excel Viewer
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
Microsoft PowerPoint Viewer
|
|
| Microsoft | Microsoft Office |
Affected:
2016 Click-to-Run (C2R) for 32-bit editions
Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: 2016 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
Date Public
2018-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041252",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104609"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Excel Viewer"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft PowerPoint Viewer"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
}
],
"datePublic": "2018-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041252",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104609"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Excel Viewer"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft PowerPoint Viewer"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041252",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104609"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8281",
"datePublished": "2018-07-11T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:34.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8246 (GCVE-0-2018-8246)
Vulnerability from cvelistv5 – Published: 2018-06-14 12:00 – Updated: 2024-08-05 06:46
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1041109 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/104322 | vdb-entryx_refsource_BID |
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8246",
"datePublished": "2018-06-14T12:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8160 (GCVE-0-2018-8160)
Vulnerability from cvelistv5 – Published: 2018-05-09 19:00 – Updated: 2024-08-05 06:46
VLAI
Summary
An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1040852 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/104051 | vdb-entryx_refsource_BID |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Word |
Affected:
Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: Compatibility Pack Service Pack 3 Affected: Web Apps Server 2010 Service Pack 2 |
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps Server 2010 Service Pack 2"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Outlook when a message is opened, aka \"Microsoft Outlook Information Disclosure Vulnerability.\" This affects Word, Microsoft Office."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Word",
"version": {
"version_data": [
{
"version_value": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps Server 2010 Service Pack 2"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Outlook when a message is opened, aka \"Microsoft Outlook Information Disclosure Vulnerability.\" This affects Word, Microsoft Office."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040852",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040852"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8160",
"datePublished": "2018-05-09T19:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0669 (GCVE-0-2019-0669)
Vulnerability from nvd – Published: 2019-03-06 00:00 – Updated: 2024-08-04 17:51
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
Severity
No CVSS data available.
CWE
- Security Feature Bypass
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106897 | vdb-entryx_refsource_BID |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
unspecified
|
|
| Microsoft | Office 365 ProPlus |
Affected:
32-bit Systems
Affected: 64-bit Systems |
|
| Microsoft | Microsoft Office Compatibility Pack |
Affected:
Service Pack 3
|
Date Public
2019-03-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106897"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Office 365 ProPlus",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems"
},
{
"status": "affected",
"version": "64-bit Systems"
}
]
},
{
"product": "Microsoft Office Compatibility Pack",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Service Pack 3"
}
]
}
],
"datePublic": "2019-03-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106897"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Office 365 ProPlus",
"version": {
"version_data": [
{
"version_value": "32-bit Systems"
},
{
"version_value": "64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Office Compatibility Pack",
"version": {
"version_data": [
{
"version_value": "Service Pack 3"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Feature Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669"
},
{
"name": "106897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106897"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0669",
"datePublished": "2019-03-06T00:00:00.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:51:27.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8628 (GCVE-0-2018-8628)
Vulnerability from nvd – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106104 | vdb-entryx_refsource_BID |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 Affected: Web Apps 2010 Service Pack 2 Affected: Web Apps 2013 Service Pack 1 |
|
| Microsoft | Microsoft PowerPoint |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft SharePoint |
Affected:
Enterprise Server 2016
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
Microsoft PowerPoint Viewer
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Office Online Server |
Affected:
Office Online Server
|
|
| Microsoft | Microsoft SharePoint Server |
Affected:
2013 Service Pack 1
Affected: 2019 |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps 2010 Service Pack 2"
},
{
"status": "affected",
"version": "Web Apps 2013 Service Pack 1"
}
]
},
{
"product": "Microsoft PowerPoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft SharePoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Enterprise Server 2016"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft PowerPoint Viewer"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Office Online Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Office Online Server"
}
]
},
{
"product": "Microsoft SharePoint Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1"
},
{
"status": "affected",
"version": "2019"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps 2010 Service Pack 2"
},
{
"version_value": "Web Apps 2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft PowerPoint",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value": "Enterprise Server 2016"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft PowerPoint Viewer"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Office Online Server",
"version": {
"version_data": [
{
"version_value": "Office Online Server"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1"
},
{
"version_value": "2019"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628"
},
{
"name": "106104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8628",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8627 (GCVE-0-2018-8627)
Vulnerability from nvd – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106120 | vdb-entryx_refsource_BID |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Excel |
Affected:
Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Excel",
"version": {
"version_data": [
{
"version_value": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627"
},
{
"name": "106120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8627",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8597 (GCVE-0-2018-8597)
Vulnerability from nvd – Published: 2018-12-12 00:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106100 | vdb-entryx_refsource_BID |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106100"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8597",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8597"
},
{
"name": "106100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8597",
"datePublished": "2018-12-12T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8577 (GCVE-0-2018-8577)
Vulnerability from nvd – Published: 2018-11-14 01:00 – Updated: 2024-08-05 07:02
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105834 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1042134 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 for Mac Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: 2019 for Mac Affected: Compatibility Pack Service Pack 3 Affected: Web Apps Server 2013 Service Pack 1 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Excel |
Affected:
Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
Date Public
2018-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105834",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2019 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps Server 2013 Service Pack 1"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
}
],
"datePublic": "2018-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105834",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2019 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps Server 2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Excel",
"version": {
"version_data": [
{
"version_value": "Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105834",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105834"
},
{
"name": "1042134",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042134"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8577",
"datePublished": "2018-11-14T01:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:25.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8432 (GCVE-0-2018-8432)
Vulnerability from nvd – Published: 2018-10-10 13:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105458 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041823 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 7 |
Affected:
32-bit Systems Service Pack 1
Affected: x64-based Systems Service Pack 1 |
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
2007
|
|
| Microsoft | Windows Server 2019 |
Affected:
(Server Core installation)
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Windows Server 2008 R2 |
Affected:
Itanium-Based Systems Service Pack 1
Affected: x64-based Systems Service Pack 1 Affected: x64-based Systems Service Pack 1 (Server Core installation) |
|
| Microsoft | Windows 10 |
Affected:
Version 1809 for 32-bit Systems
Affected: Version 1809 for x64-based Systems |
|
| Microsoft | Windows Server 2008 |
Affected:
32-bit Systems Service Pack 2
Affected: 32-bit Systems Service Pack 2 (Server Core installation) Affected: Itanium-Based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 (Server Core installation) |
Date Public
2018-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105458",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007"
}
]
},
{
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Windows Server 2008 R2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1 (Server Core installation)"
}
]
},
{
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1809 for x64-based Systems"
}
]
},
{
"product": "Windows Server 2008",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
],
"datePublic": "2018-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Remote Code Execution Vulnerability.\" This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105458",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows 7",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "2007"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_value": "(Server Core installation)"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Windows Server 2008 R2",
"version": {
"version_data": [
{
"version_value": "Itanium-Based Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1"
},
{
"version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
}
]
}
},
{
"product_name": "Windows 10",
"version": {
"version_data": [
{
"version_value": "Version 1809 for 32-bit Systems"
},
{
"version_value": "Version 1809 for x64-based Systems"
}
]
}
},
{
"product_name": "Windows Server 2008",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 2"
},
{
"version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"version_value": "Itanium-Based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Remote Code Execution Vulnerability.\" This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105458",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105458"
},
{
"name": "1041823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8432",
"datePublished": "2018-10-10T13:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8427 (GCVE-0-2018-8427)
Vulnerability from nvd – Published: 2018-10-10 13:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1041823 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/105453 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: 2019 for 32-bit editions Affected: 2019 for 64-bit editions Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Windows Server 2008 |
Affected:
32-bit Systems Service Pack 2
Affected: 32-bit Systems Service Pack 2 (Server Core installation) Affected: Itanium-Based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 Affected: x64-based Systems Service Pack 2 (Server Core installation) |
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
2007
|
|
| Microsoft | Office |
Affected:
365 ProPlus for 32-bit Systems
Affected: 365 ProPlus for 64-bit Systems |
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
Date Public
2018-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105453"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Windows Server 2008",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007"
}
]
},
{
"product": "Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "365 ProPlus for 32-bit Systems"
},
{
"status": "affected",
"version": "365 ProPlus for 64-bit Systems"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
}
],
"datePublic": "2018-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105453"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Windows Server 2008",
"version": {
"version_data": [
{
"version_value": "32-bit Systems Service Pack 2"
},
{
"version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"version_value": "Itanium-Based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2"
},
{
"version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "2007"
}
]
}
},
{
"product_name": "Office",
"version": {
"version_data": [
{
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041823"
},
{
"name": "105453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105453"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8427",
"datePublished": "2018-10-10T13:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8429 (GCVE-0-2018-8429)
Vulnerability from nvd – Published: 2018-09-13 00:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/105219 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041630 | vdb-entryx_refsource_SECTRACK |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 Click-to-Run (C2R) for 32-bit editions
Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: 2016 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429"
},
{
"name": "105219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105219"
},
{
"name": "1041630",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8429",
"datePublished": "2018-09-13T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8382 (GCVE-0-2018-8382)
Vulnerability from nvd – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105000 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041463 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105000",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105000",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105000"
},
{
"name": "1041463",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041463"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8382",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8378 (GCVE-0-2018-8378)
Vulnerability from nvd – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104996 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Word |
Affected:
Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Microsoft SharePoint Server |
Affected:
2013 Service Pack 1
|
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft SharePoint |
Affected:
Enterprise Server 2013 Service Pack 1
Affected: Enterprise Server 2016 |
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: Web Apps 2010 Service Pack 2 Affected: Web Apps 2013 Service Pack 1 |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104996",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104996"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Microsoft SharePoint Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
},
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft SharePoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Enterprise Server 2013 Service Pack 1"
},
{
"status": "affected",
"version": "Enterprise Server 2016"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "Web Apps 2010 Service Pack 2"
},
{
"status": "affected",
"version": "Web Apps 2013 Service Pack 1"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104996",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104996"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Word",
"version": {
"version_data": [
{
"version_value": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value": "Enterprise Server 2013 Service Pack 1"
},
{
"version_value": "Enterprise Server 2016"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "Web Apps 2010 Service Pack 2"
},
{
"version_value": "Web Apps 2013 Service Pack 1"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104996"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8378",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8375 (GCVE-0-2018-8375)
Vulnerability from nvd – Published: 2018-08-15 17:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104989 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1041463 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
2007 Service Pack 3
|
|
| Microsoft | Microsoft Office |
Affected:
2016 for Mac
Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions |
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2007 Service Pack 3"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "2007 Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8379."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104989"
},
{
"name": "1041463",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041463"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8375",
"datePublished": "2018-08-15T17:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8281 (GCVE-0-2018-8281)
Vulnerability from nvd – Published: 2018-07-11 00:00 – Updated: 2024-08-05 06:54
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1041252 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/104609 | vdb-entryx_refsource_BID |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Excel Viewer |
Affected:
Microsoft Excel Viewer
|
|
| Microsoft | Microsoft PowerPoint Viewer |
Affected:
Microsoft PowerPoint Viewer
|
|
| Microsoft | Microsoft Office |
Affected:
2016 Click-to-Run (C2R) for 32-bit editions
Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: 2016 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Office Word Viewer |
Affected:
Microsoft Office Word Viewer
|
Date Public
2018-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041252",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104609"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Excel Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Excel Viewer"
}
]
},
{
"product": "Microsoft PowerPoint Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft PowerPoint Viewer"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Office Word Viewer",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Microsoft Office Word Viewer"
}
]
}
],
"datePublic": "2018-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041252",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104609"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Excel Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Excel Viewer"
}
]
}
},
{
"product_name": "Microsoft PowerPoint Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft PowerPoint Viewer"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value": "Microsoft Office Word Viewer"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Microsoft Office, Microsoft Office Word Viewer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041252",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041252"
},
{
"name": "104609",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104609"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8281",
"datePublished": "2018-07-11T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:54:34.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8246 (GCVE-0-2018-8246)
Vulnerability from nvd – Published: 2018-06-14 12:00 – Updated: 2024-08-05 06:46
VLAI
Summary
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1041109 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/104322 | vdb-entryx_refsource_BID |
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8246"
},
{
"name": "1041109",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041109"
},
{
"name": "104322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8246",
"datePublished": "2018-06-14T12:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8160 (GCVE-0-2018-8160)
Vulnerability from nvd – Published: 2018-05-09 19:00 – Updated: 2024-08-05 06:46
VLAI
Summary
An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1040852 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/104051 | vdb-entryx_refsource_BID |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Word |
Affected:
Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
|
|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: Compatibility Pack Service Pack 3 Affected: Web Apps Server 2010 Service Pack 2 |
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
},
{
"status": "affected",
"version": "Web Apps Server 2010 Service Pack 2"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Outlook when a message is opened, aka \"Microsoft Outlook Information Disclosure Vulnerability.\" This affects Word, Microsoft Office."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Word",
"version": {
"version_data": [
{
"version_value": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "Compatibility Pack Service Pack 3"
},
{
"version_value": "Web Apps Server 2010 Service Pack 2"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Outlook when a message is opened, aka \"Microsoft Outlook Information Disclosure Vulnerability.\" This affects Word, Microsoft Office."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040852",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040852"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8160"
},
{
"name": "104051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8160",
"datePublished": "2018-05-09T19:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8148 (GCVE-0-2018-8148)
Vulnerability from nvd – Published: 2018-05-09 19:00 – Updated: 2024-08-05 06:46
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8162.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104053 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1040857 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104053",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104053"
},
{
"name": "1040857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8148"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8162."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104053",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104053"
},
{
"name": "1040857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8162."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104053"
},
{
"name": "1040857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040857"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8148",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8148"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8148",
"datePublished": "2018-05-09T19:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8147 (GCVE-0-2018-8147)
Vulnerability from nvd – Published: 2018-05-09 19:00 – Updated: 2024-08-05 06:46
VLAI
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162.
Severity
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1040857 | vdb-entryx_refsource_SECTRACK |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/104035 | vdb-entryx_refsource_BID |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Office |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 Click-to-Run (C2R) for 32-bit editions Affected: 2016 Click-to-Run (C2R) for 64-bit editions Affected: 2016 for Mac Affected: Compatibility Pack Service Pack 3 |
|
| Microsoft | Microsoft Excel |
Affected:
2010 Service Pack 2 (32-bit editions)
Affected: 2010 Service Pack 2 (64-bit editions) Affected: 2013 RT Service Pack 1 Affected: 2013 Service Pack 1 (32-bit editions) Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) |
Date Public
2018-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147"
},
{
"name": "104035",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"status": "affected",
"version": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"status": "affected",
"version": "2016 for Mac"
},
{
"status": "affected",
"version": "Compatibility Pack Service Pack 3"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
}
]
}
],
"datePublic": "2018-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147"
},
{
"name": "104035",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104035"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 Click-to-Run (C2R) for 32-bit editions"
},
{
"version_value": "2016 Click-to-Run (C2R) for 64-bit editions"
},
{
"version_value": "2016 for Mac"
},
{
"version_value": "Compatibility Pack Service Pack 3"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040857"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147"
},
{
"name": "104035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104035"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8147",
"datePublished": "2018-05-09T19:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:46:13.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}