An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka Microsoft Excel Information Disclosure Vulnerability. This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
Weakness
The product uses or accesses a resource that has not been initialized.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Excel | Microsoft | 2010-sp2 (including) | 2010-sp2 (including) |
| Excel | Microsoft | 2013-sp1 (including) | 2013-sp1 (including) |
| Excel | Microsoft | 2016 (including) | 2016 (including) |
| Excel_viewer | Microsoft | 2007-sp3 (including) | 2007-sp3 (including) |
| Office | Microsoft | 2010-sp2 (including) | 2010-sp2 (including) |
| Office | Microsoft | 2016 (including) | 2016 (including) |
| Office | Microsoft | 2019 (including) | 2019 (including) |
| Office_365_proplus | Microsoft | - (including) | - (including) |
| Office_compatibility_pack | Microsoft | –sp3 (including) | –sp3 (including) |
| Sharepoint_server | Microsoft | 2010-sp2 (including) | 2010-sp2 (including) |