Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11224
HistoryApr 06, 2018 - 12:00 a.m.

KLA11224 ACE vulnerability in Microsoft Internet Explorer

2018-04-0600:00:00
Kaspersky Lab
threats.kaspersky.com
33

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

An unspecified vulnerability was found in Microsoft Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted website.

Original advisories

CVE-2018-8118

Related products

Microsoft-Internet-Explorer

CVE list

CVE-2018-8118 critical

KB list

4088782

4088787

4088786

4088779

4089187

4088877

4088875

4088776

4088876

4096040

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • Microsoft Internet Explorer 10Microsoft Internet Explorer 11

Related

mscve 1
cve 1
cvelist 1
prion 1
nvd 1
nessus 1
mskb 10
mscve
mscve
Internet Explorer Memory Corruption Vulnerability
2018-04-06 07:00:00
cve
cve
CVE-2018-8118
2018-04-19 16:29:00
cvelist
cvelist
CVE-2018-8118
2018-04-19 16:00:00
prion
prion
Remote code execution
2018-04-19 16:29:00
nvd
nvd
CVE-2018-8118
2018-04-19 16:29:00
nessus
nessus
Security Updates for Internet Explorer (March 2018)
2018-03-13 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: March 23, 2018
2018-04-06 07:00:00
Cumulative security update for Internet Explorer: March 13, 2018
2018-04-06 07:00:00
March 13, 2018—KB4088877 (Monthly Rollup)
2018-04-06 07:00:00

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON
Related for KLA11224
mscve1cve1cvelist1prion1nvd1nessus1mskb10