PT-2018-18467 · Microsoft · Office+1

Omair

Published

2018-05-08

Updated

2018-06-05

CVE-2018-8163

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Office (affected versions not specified) Microsoft Excel (affected versions not specified)

Description An information disclosure issue exists due to improper memory content disclosure by Microsoft Excel. This could allow an attacker to compromise a user's computer or data by exploiting the vulnerability. To exploit this, an attacker would need to craft a special document file and convince a user to open it, requiring knowledge of the memory address location where the object was created.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-8163

ZDI-18-431

Affected Products

Office Excel

Office

PT-2018-18467 · Microsoft · Office+1

CVE-2018-8163

Weakness Enumeration

Related Identifiers

Affected Products

References · 7