CVE-2018-8598

Опубликовано: 12 дек. 2018

Источник: nvd

CVSS3: 4.7

CVSS2: 2.6

EPSS Низкий

Описание

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.

Ссылки

http://www.securityfocus.com/bid/106102
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8598
Patch
Vendor Advisory
http://www.securityfocus.com/bid/106102
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8598
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*

cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05228

Низкий

4.7 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-8598

msrc

больше 6 лет назад

Microsoft Excel Information Disclosure Vulnerability

GHSA-643h-w2r6-x59x

CVSS3: 4.7

github

больше 3 лет назад

BDU:2019-00004

CVSS3: 8.8

fstec