Description
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041823
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105453
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427
Scores
CVSS v3
5.5
EPSS
0.0229
EPSS Percentile
81.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (8)
microsoft/excel_viewer
2007 sp3
microsoft/office
2016
microsoft/office
2019
microsoft/office_365_proplus
microsoft/office_compatibility_pack
microsoft/office_word_viewer
microsoft/powerpoint_viewer
2007
microsoft/windows_server_2008
Published
Oct 10, 2018
Tracked Since
Feb 18, 2026