CVE-2018-1007

Опубликовано: 12 апр. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 2.6

EPSS Низкий

Описание

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950.

Ссылки

http://www.securityfocus.com/bid/103640
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040654
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1007
Patch
Vendor Advisory
http://www.securityfocus.com/bid/103640
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040654
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1007
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08932

Низкий

5.3 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-1007

msrc

около 7 лет назад

Microsoft Office Information Disclosure Vulnerability

GHSA-5qwh-c5rc-7f4v