CVE-2018-8429

{"id": "CVE-2018-8429", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2018-09-13T00:29:03.160", "references": [{"url": "http://www.securityfocus.com/bid/105219", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id/1041630", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando Microsoft Excel no muestra correctamente los contenidos de su memoria. Esto tambi\u00e9n se conoce como \"Microsoft Excel Information Disclosure Vulnerability\". Esto afecta a Microsoft Excel Viewer, Microsoft Office y Microsoft Excel."}], "lastModified": "2018-11-01T14:24:57.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E36D981E-E56D-46C7-9486-FC691A75C497"}, {"criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F564117D-450D-45C4-9688-AF35F630A8A7"}, {"criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "vulnerable": true, "matchCriteriaId": "3A062169-527E-43DA-8AE0-FD4FBA1B2A9B"}, {"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09BF0981-749E-470B-A7AC-95AD087797EF"}, {"criteria": "cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4635DA5-27DA-43FF-92AC-A9F80218A2F0"}, {"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:*", "vulnerable": true, "matchCriteriaId": "E74CB3D6-B0D7-4A6C-ABAA-170C7710D856"}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71AF058A-2E5D-4B11-88DB-8903C64B13C1"}, {"criteria": "cpe:2.3:a:microsoft:office_for_mac:2016:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CE41A84-9FE6-4227-87FA-6D909A6CA161"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}