CVE-2018-8382
https://notcve.org/view.php?id=CVE-2018-8382
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. Existe una vulnerabilidad de divulgación de información cuando Microsoft Excel no muestra correctamente los contenidos de su memoria. Esto también se conoce como "Microsoft Excel Information Disclosure Vulnerability". Esto afecta a Microsoft Excel Viewer, Microsoft Office y Microsoft Excel. • http://www.securityfocus.com/bid/105000 http://www.securitytracker.com/id/1041463 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-8379
https://notcve.org/view.php?id=CVE-2018-8379
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-8375. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Excel cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/104997 http://www.securitytracker.com/id/1041463 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379 •
CVE-2013-3889
https://notcve.org/view.php?id=CVE-2013-3889
Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office para Mac 2011; Excel Viewer; Office Compatibility Pack SP3; y Excel Services y Word Automation Services en SharePoint Server 2013 permite a atacantes remotos ejecutar código arbitrario a través de documentos Office manipulados, también conocida como "Vulnerabilidad de corrupción de memoria en Microsoft Excel". • http://www.us-cert.gov/ncas/alerts/TA13-288A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-084 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18901 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •