CVE-2018-1007
First published: Thu Apr 12 2018(Updated: )
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-1007?
CVE-2018-1007 has a medium severity rating due to the potential for information disclosure.
How do I fix CVE-2018-1007?
To mitigate CVE-2018-1007, users should update Microsoft Office to the latest version which includes security patches.
Who is affected by CVE-2018-1007?
CVE-2018-1007 affects users of Microsoft Office 2016.
What type of vulnerability is CVE-2018-1007?
CVE-2018-1007 is classified as an information disclosure vulnerability.
Can CVE-2018-1007 affect data confidentiality?
Yes, CVE-2018-1007 can lead to unauthorized access to sensitive information in memory.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2016