Lucene search
Pengsu Cheng of Trend Micro Security ResearchZDI-18-593HistoryJun 26, 2018 - 12:00 a.m.
Microsoft Office Excel Parsed Expression Uninitialized Memory Information Disclosure Vulnerability
2018-06-2600:00:00
Pengsu Cheng of Trend Micro Security Research
www.zerodayinitiative.com
5
0.006 Low
EPSS
Percentile
78.6%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of parsed expressions in FORMULA records in Excel workbooks. Crafted data can trigger access to memory prior to initialization. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Related
openvas
openvas
mskb
mskb
Description of the security update for Excel 2013: June 12, 2018
2018-06-12 07:00:00
Description of the security update for Excel 2016: June 12, 2018
2018-06-12 07:00:00
Security update 2018-06-12
2018-06-12 07:00:00
nessus
nessus
Security Updates for Microsoft Office Viewer Products (June 2018)
2018-06-12 00:00:00
Security Updates for Microsoft Excel Products (June 2018)
2018-06-12 00:00:00
Security Updates for Microsoft Office Compatibility Products (June 2018)
2018-06-12 00:00:00
prion
prion
Information disclosure
2018-06-14 12:29:00
cvelist
cvelist
CVE-2018-8246
2018-06-14 12:00:00
mscve
mscve
Microsoft Excel Information Disclosure Vulnerability
2018-06-12 07:00:00
checkpoint_advisories
checkpoint_advisories
symantec
symantec
Microsoft Excel CVE-2018-8246 Information Disclosure Vulnerability
2018-06-12 00:00:00
cve
cve
CVE-2018-8246
2018-06-14 12:29:02
nvd
nvd
CVE-2018-8246
2018-06-14 12:29:02
kaspersky
kaspersky
KLA11267 Multiple vulnerabilities in Microsoft Office
2018-06-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - June 2018
2018-06-12 11:58:00
trendmicroblog
trendmicroblog