{"containers": {"cna": {"affected": [{"product": "Microsoft Office", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2016 for Mac"}, {"status": "affected", "version": "2019 for 32-bit editions"}, {"status": "affected", "version": "2019 for 64-bit editions"}, {"status": "affected", "version": "Compatibility Pack Service Pack 3"}]}, {"product": "Microsoft Office Word Viewer", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Microsoft Office Word Viewer"}]}, {"product": "Windows Server 2008", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "32-bit Systems Service Pack 2"}, {"status": "affected", "version": "32-bit Systems Service Pack 2 (Server Core installation)"}, {"status": "affected", "version": "Itanium-Based Systems Service Pack 2"}, {"status": "affected", "version": "x64-based Systems Service Pack 2"}, {"status": "affected", "version": "x64-based Systems Service Pack 2 (Server Core installation)"}]}, {"product": "Microsoft PowerPoint Viewer", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2007"}]}, {"product": "Office", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "365 ProPlus for 32-bit Systems"}, {"status": "affected", "version": "365 ProPlus for 64-bit Systems"}]}, {"product": "Microsoft Excel Viewer", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2007 Service Pack 3"}]}], "datePublic": "2018-10-09T00:00:00", "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T09:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "1041823", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041823"}, {"name": "105453", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105453"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2018-8427", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Microsoft Office", "version": {"version_data": [{"version_value": "2016 for Mac"}, {"version_value": "2019 for 32-bit editions"}, {"version_value": "2019 for 64-bit editions"}, {"version_value": "Compatibility Pack Service Pack 3"}]}}, {"product_name": "Microsoft Office Word Viewer", "version": {"version_data": [{"version_value": "Microsoft Office Word Viewer"}]}}, {"product_name": "Windows Server 2008", "version": {"version_data": [{"version_value": "32-bit Systems Service Pack 2"}, {"version_value": "32-bit Systems Service Pack 2 (Server Core installation)"}, {"version_value": "Itanium-Based Systems Service Pack 2"}, {"version_value": "x64-based Systems Service Pack 2"}, {"version_value": "x64-based Systems Service Pack 2 (Server Core installation)"}]}}, {"product_name": "Microsoft PowerPoint Viewer", "version": {"version_data": [{"version_value": "2007"}]}}, {"product_name": "Office", "version": {"version_data": [{"version_value": "365 ProPlus for 32-bit Systems"}, {"version_value": "365 ProPlus for 64-bit Systems"}]}}, {"product_name": "Microsoft Excel Viewer", "version": {"version_data": [{"version_value": "2007 Service Pack 3"}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "1041823", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041823"}, {"name": "105453", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105453"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:54:36.426Z"}, "title": "CVE Program Container", "references": [{"name": "1041823", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041823"}, {"name": "105453", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105453"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2018-8427", "datePublished": "2018-10-10T13:00:00", "dateReserved": "2018-03-14T00:00:00", "dateUpdated": "2024-08-05T06:54:36.426Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "E4635DA5-27DA-43FF-92AC-A9F80218A2F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os_x:*:*", "matchCriteriaId": "04435803-F25B-4384-8ADD-001E87F5813A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*", "matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "71AF058A-2E5D-4B11-88DB-8903C64B13C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*", "matchCriteriaId": "C64B2636-8F96-48BA-921F-A8FA0E62DE63", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:powerpoint_viewer:2007:*:*:*:*:*:*:*", "matchCriteriaId": "2D744C6F-DEFB-4EC5-B635-2EE7DC7C07F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka \"Microsoft Graphics Components Information Disclosure Vulnerability.\" This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando el componente Windows Graphics de Microsoft gestiona los objetos en la memoria. Esto tambi\u00e9n se conoce como \"Microsoft Graphics Components Information Disclosure Vulnerability\". Esto afecta a Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer y Microsoft Excel Viewer."}], "id": "CVE-2018-8427", "lastModified": "2024-11-21T04:13:48.300", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-10T13:29:02.167", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105453"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041823"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105453"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041823"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}