Home

CVE-2018-8427

Description

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka Microsoft Graphics Components Information Disclosure Vulnerability. This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.

Risk Information

Base Score
4.6
MODERATE
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
3.634

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Graphics Components Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB4463104)Windows
Microsoft Graphics Components Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB4463104)Windows
Microsoft Graphics Components Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB4463097)Windows
Microsoft Graphics Components Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB4463097)Windows
Microsoft Graphics Components Information Disclosure Vulnerability for Word Viewer (KB4092464)Windows
Microsoft Graphics Components Information Disclosure Vulnerability for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4092444)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-253482018-10 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB4463104)
PATCH-253492018-10 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4463104)
PATCH-253922018-10 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4463097)
PATCH-253932018-10 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB4463097)
PATCH-25445Security Update for Word Viewer (KB4092464)
PATCH-25401Security Update for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4092444)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234