Information Disclosure Vulnerability in Microsoft Excel Products
CVE-2018-8382

5.5MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Excel Viewer
Microsoft Office
Microsoft Excel
Vendor
CVE Published:
15 August 2018

Summary

An information disclosure vulnerability exists in Microsoft Excel, which allows unauthorized access to sensitive data stored in memory. This flaw can potentially expose confidential information to attackers, impacting users and organizations that rely on Excel for data handling. Microsoft Excel Viewer, Microsoft Office, and Microsoft Excel products are affected, necessitating immediate attention to protect privacy and data integrity.

Affected Version(s)

Microsoft Excel 2010 Service Pack 2 (32-bit editions)

Microsoft Excel 2010 Service Pack 2 (64-bit editions)

Microsoft Excel 2013 RT Service Pack 1

References

http://www.securityfocus.com/bid/105000
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041463
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.