Vulnerability CVE-2018-0986
Published: 2018-04-04

Description:
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Microsoft -> Exchange server 
Microsoft -> Forefront endpoint protection 2010 
Microsoft -> Intune endpoint protection 
Microsoft -> Security essentials 
Microsoft -> System center 2012 endpoint protection 
Microsoft -> System center 2012 r2 endpoint protection 
Microsoft -> System center endpoint protection 
Microsoft -> Windows defender 

 References:
http://www.securityfocus.com/bid/103593
http://www.securitytracker.com/id/1040631
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986
https://www.exploit-db.com/exploits/44402/
Copyright 2024, cxsecurity.com

 

Back to Top