CVE-2018-1007 Information

Description

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory aka \Microsoft Office Information Disclosure Vulnerability.\ This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

http://www.securityfocus.com/bid/103640 http://www.securitytracker.com/id/1040654 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1007

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.3