Use of Uninitialized Resource

CVE-2018-8627

Medium

5.5/10

Summary

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-908 - Use of Uninitialized Resource

The software uses or accesses a resource that has not been initialized.

References

Advisory Timeline

Published Dec 12, 2018

Use of Uninitialized Resource

CVE-2018-8627

Summary

CWE-908 - Use of Uninitialized Resource

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS