Lucene search
Haikuo Xie of Baidu Security LabZDI-18-1054HistorySep 14, 2018 - 12:00 a.m.
Microsoft Windows SMB Client Out-Of-Bounds Read Information Disclosure Vulnerability
2018-09-1400:00:00
Haikuo Xie of Baidu Security Lab
www.zerodayinitiative.com
14
EPSS
0.001
Percentile
46.5%
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the kernel-mode portion of the Windows SMB client. Crafted data in an SMB reply can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privilege to the level of SYSTEM.
Related
symantec
symantec
mscve
mscve
Windows Kernel Information Disclosure Vulnerability
2018-09-11 07:00:00
cvelist
cvelist
prion
prion
Information disclosure
2018-09-13 00:29:00
Information disclosure
2018-09-13 00:29:00
Information disclosure
2018-09-13 00:29:00
nvd
nvd
cve
cve
mskb
mskb
September 11, 2018âKB4457145 (Security-only update)
2018-09-11 07:00:00
September 11, 2018âKB4457984 (Security-only update)
2018-09-11 07:00:00
September 11, 2018âKB4458010 (Monthly Rollup)
2018-09-11 07:00:00
nessus
nessus
KB4457984: Windows Server 2008 September 2018 Security Update
2018-09-11 00:00:00
kaspersky
kaspersky
KLA11890 Multiple vulnerabilities in Microsoft Products (ESU)
2018-09-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4457144)
2018-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2018
2018-09-11 11:56:00