CVE-2018-8427

MEDIUM

Microsoft Graphics Components - Info Disclosure

Title source: llm
STIX 2.1

Description

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041823
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105453

Scores

CVSS v3 5.5
EPSS 0.0229
EPSS Percentile 81.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (8)
microsoft/excel_viewer 2007 sp3
microsoft/office 2016
microsoft/office 2019
microsoft/office_365_proplus
microsoft/office_compatibility_pack
microsoft/office_word_viewer
microsoft/powerpoint_viewer 2007
microsoft/windows_server_2008
Published Oct 10, 2018
Tracked Since Feb 18, 2026