Uninitialized Variable in Microsoft Excel Leads to Information Disclosure

Uninitialized Variable in Microsoft Excel Leads to Information Disclosure

CVE-2018-8627 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.

Learn more about our Cis Benchmark Audit For Microsoft Office.