Lucene search

[email protected]NVD:CVE-2018-0986

HistoryApr 04, 2018 - 5:29 p.m.

CVE-2018-0986

2018-04-0417:29:01

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.948

Percentile

99.3%

JSON

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka “Microsoft Malware Protection Engine Remote Code Execution Vulnerability.” This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Affected configurations

Nvd

Node

microsoftexchange_serverMatch2013-

microsoftexchange_serverMatch2016-

microsoftsecurity_essentialsMatch-

Node

microsoftforefront_endpoint_protection_2010Match-

microsoftintune_endpoint_protectionMatch-

microsoftsystem_center_endpoint_protection

microsoftsystem_center_endpoint_protectionMatch2012-

microsoftsystem_center_endpoint_protectionMatch2012r2

Node

microsoftwindows_defenderMatch-

AND

microsoftwindows_10Match-

microsoftwindows_10Match1511

microsoftwindows_10Match1607

microsoftwindows_10Match1703

microsoftwindows_10Match1709

microsoftwindows_7Match-sp1

microsoftwindows_8.1

microsoftwindows_rt_8.1

microsoftwindows_server_2008Matchr2sp1

microsoftwindows_server_2012

microsoftwindows_server_2012Matchr2

microsoftwindows_server_2016

microsoftwindows_server_2016Match1709

VendorProductVersionCPE
microsoftexchange_server2013cpe:2.3:a:microsoft:exchange_server:2013:-:*:*:*:*:*:*
microsoftexchange_server2016cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*
microsoftsecurity_essentials-cpe:2.3:a:microsoft:security_essentials:-:*:*:*:*:*:*:*
microsoftforefront_endpoint_protection_2010-cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:*
microsoftintune_endpoint_protection-cpe:2.3:a:microsoft:intune_endpoint_protection:-:*:*:*:*:*:*:*
microsoftsystem_center_endpoint_protection*cpe:2.3:a:microsoft:system_center_endpoint_protection:*:*:*:*:*:*:*:*
microsoftsystem_center_endpoint_protection2012cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:-:*:*:*:*:*:*
microsoftsystem_center_endpoint_protection2012cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:r2:*:*:*:*:*:*
microsoftwindows_defender-cpe:2.3:a:microsoft:windows_defender:-:*:*:*:*:*:*:*
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	exchange_server	2013	cpe:2.3:a:microsoft:exchange_server:2013:-::::::
microsoft	exchange_server	2016	cpe:2.3:a:microsoft:exchange_server:2016:-::::::
microsoft	security_essentials	-	cpe:2.3:a:microsoft:security_essentials:-:::::::*
microsoft	forefront_endpoint_protection_2010	-	cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:::::::*
microsoft	intune_endpoint_protection	-	cpe:2.3:a:microsoft:intune_endpoint_protection:-:::::::*
microsoft	system_center_endpoint_protection	*	cpe:2.3:a:microsoft:system_center_endpoint_protection::::::::
microsoft	system_center_endpoint_protection	2012	cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:-::::::
microsoft	system_center_endpoint_protection	2012	cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:r2::::::
microsoft	windows_defender	-	cpe:2.3:a:microsoft:windows_defender:-:::::::*
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*