Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-0919
HistoryMar 14, 2018 - 5:29 p.m.

CVE-2018-0919

2018-03-1417:29:02
CWE-125
CWE-908
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2010 SP2, Word 2013 SP1 and Microsoft Word 2016 allow an information disclosure vulnerability due to how variables are initialized, aka “Microsoft Office Information Disclosure Vulnerability”.

Affected configurations

NVD
Node
microsoftofficeMatch2010sp2
OR
microsoftofficeMatch2016mac_os_x
OR
microsoftofficeMatch2016click-to-run
OR
microsoftoffice_online_serverMatch2016
OR
microsoftoffice_web_appsMatch2010sp2
OR
microsoftoffice_web_apps_serverMatch2013sp1
OR
microsoftsharepoint_enterprise_serverMatch2013sp1
OR
microsoftsharepoint_enterprise_serverMatch2016
OR
microsoftsharepoint_serverMatch2010sp2
OR
microsoftwordMatch2010sp2
OR
microsoftwordMatch2013sp1
OR
microsoftwordMatch2013sp1rt
OR
microsoftwordMatch2016

Related

cve 1
mskb 10
openvas 5
prion 1
cvelist 1
mscve 1
symantec 1
nessus 5
kaspersky 1
trendmicroblog 1
talosblog 1
cve
cve
CVE-2018-0919
2018-03-14 17:29:02
mskb
mskb
Description of the security update for Word 2016: March 13, 2018
2018-03-13 07:00:00
Description of the security update for Word 2010: March 13, 2018
2018-03-13 07:00:00
Description of the security update for SharePoint Server 2010: March 13, 2018
2018-03-13 07:00:00
openvas
openvas
Microsoft Word 2016 Information Disclosure Vulnerability (KB4011730)
2018-03-14 00:00:00
Microsoft Office Web Apps Server 2013 RCE And Information Disclosure Vulnerabilities (KB4011692)
2018-03-14 00:00:00
Microsoft Word 2010 Service Pack 2 Multiple Vulnerabilities (KB4011674)
2018-03-14 00:00:00
prion
prion
Information disclosure
2018-03-14 17:29:00
cvelist
cvelist
CVE-2018-0919
2018-03-14 00:00:00
mscve
mscve
Microsoft Office Information Disclosure Vulnerability
2018-03-13 07:00:00
symantec
symantec
Microsoft Office CVE-2018-0919 Information Disclosure Vulnerability
2018-03-13 00:00:00
nessus
nessus
Security Update for Microsoft Office (March 2018) (macOS)
2018-03-13 00:00:00
Security Updates for Microsoft Office Online Server and Microsoft Office Web Apps (March 2018)
2018-03-13 00:00:00
Security Updates for Microsoft Office Products (March 2018)
2018-03-13 00:00:00
kaspersky
kaspersky
KLA11213 Multiple vulnerabilities in Microsoft Office
2018-03-13 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 12, 2018
2018-03-16 15:14:43
talosblog
talosblog
Microsoft Patch Tuesday - March 2018
2018-03-13 14:38:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON
Related for NVD:CVE-2018-0919
cve1mskb10openvas5prion1cvelist1mscve1symantec1nessus5kaspersky1trendmicroblog1talosblog1