Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-103623
HistoryApr 10, 2018 - 12:00 a.m.

Microsoft Internet Explorer Scripting Engine CVE-2018-0987 Information Disclosure Vulnerability

2018-04-1000:00:00
Symantec Security Response
www.symantec.com
16

0.004 Low

EPSS

Percentile

70.9%

JSON

Description

Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10 and 11 are vulnerable.

Technologies Affected

  • Microsoft Internet Explorer 10
  • Microsoft Internet Explorer 11
  • Microsoft Internet Explorer 9

Recommendations

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Updates are available. Please see the references or vendor advisory for more information.

Related

zdi 1
mscve 1
cve 4
prion 4
nessus 9
mskb 9
kaspersky 2
openvas 7
talosblog 1
trendmicroblog 1
zdi
zdi
Microsoft Windows JScript defineProperty Use-After-Free Information Disclosure Vulnerability
2018-04-11 00:00:00
mscve
mscve
Scripting Engine Information Disclosure Vulnerability
2018-04-10 07:00:00
cve
cve
CVE-2018-0989
2018-04-12 01:29:00
CVE-2018-1000
2018-04-12 01:29:00
CVE-2018-0987
2018-04-12 01:29:00
prion
prion
Information disclosure
2018-04-12 01:29:00
Information disclosure
2018-04-12 01:29:00
Information disclosure
2018-04-12 01:29:00
nessus
nessus
Security Updates for Internet Explorer (April 2018)
2018-04-10 00:00:00
KB4093122: Windows Server 2012 April 2018 Security Update
2018-04-10 00:00:00
KB4093108: Windows 7 and Windows Server 2008 R2 April 2018 Security Update
2018-04-10 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 10, 2018
2018-04-10 07:00:00
April 10, 2018—KB4093123 (Monthly Rollup)
2018-04-10 07:00:00
April 10, 2018—KB4093118 (Monthly Rollup)
2018-04-10 07:00:00
kaspersky
kaspersky
KLA11222 Multiple vulnerabilities in Microsoft Browsers
2018-04-10 00:00:00
KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)
2018-04-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4093118)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093114)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093109)
2018-04-11 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - April 2018
2018-04-10 13:13:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 9, 2018
2018-04-13 15:37:14

0.004 Low

EPSS

Percentile

70.9%

JSON
Related for SMNTC-103623
zdi1mscve1cve4prion4nessus9mskb9kaspersky2openvas7talosblog1trendmicroblog1