Search criteria
66 vulnerabilities found for Windows by Microsoft Corporation
CVE-2018-1038 (GCVE-0-2018-1038)
Vulnerability from cvelistv5 – Published: 2018-04-02 13:00 – Updated: 2024-09-17 03:18
VLAI?
Summary
The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1 and Windows Server 2008 R2 SP1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1 and Windows Server 2008 R2 SP1"
}
]
}
],
"datePublic": "2018-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka \"Windows Kernel Elevation of Privilege Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-03T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040632"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-29T00:00:00",
"ID": "CVE-2018-1038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1 and Windows Server 2008 R2 SP1"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka \"Windows Kernel Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"name": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/",
"refsource": "MISC",
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040632"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-1038",
"datePublished": "2018-04-02T13:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:18:09.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0886 (GCVE-0-2018-0886)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:17
VLAI?
Summary
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103265"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/preempt/credssp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka \"CredSSP Remote Code Execution Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-20T17:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103265"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/preempt/credssp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka \"CredSSP Remote Code Execution Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040506",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103265"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"name": "https://blog.preempt.com/security-advisory-credssp",
"refsource": "MISC",
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"name": "https://github.com/preempt/credssp",
"refsource": "MISC",
"url": "https://github.com/preempt/credssp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0886",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:17:03.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0977 (GCVE-0-2018-0977)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 02:21
VLAI?
Summary
The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103380"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka \"Win32k Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103380"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka \"Win32k Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103380"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0977",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T02:21:25.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0816 (GCVE-0-2018-0816)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:57
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0816",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:57:03.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0881 (GCVE-0-2018-0881)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-16 23:16
VLAI?
Summary
The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka "Microsoft Video Control Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:10.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka \"Microsoft Video Control Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040520"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka \"Microsoft Video Control Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040520"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0881",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T23:16:48.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0817 (GCVE-0-2018-0817)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:22
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0816.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0816."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103249"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0816."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103249"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0817",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:22:11.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0815 (GCVE-0-2018-0815)
Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 00:32
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0816, and CVE-2018-0817.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0816, and CVE-2018-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0816, and CVE-2018-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103234"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0815",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:32:14.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0810 (GCVE-0-2018-0810)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:56
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows Server 2008, and Windows Server 2012
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102938",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows Server 2008, and Windows Server 2012"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0757."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "102938",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows Server 2008, and Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0757."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0810",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:56:06.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0842 (GCVE-0-2018-0842)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-16 16:43
VLAI?
Summary
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:10.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102946"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040371"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "102946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102946"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040371"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102946"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040371"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0842",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T16:43:29.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0829 (GCVE-0-2018-0829)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:49
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0830 and CVE-2018-0832.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0830 and CVE-2018-0832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102948"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0830 and CVE-2018-0832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102948"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0829",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:49:14.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0830 (GCVE-0-2018-0830)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-16 16:48
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0832.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0830",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T16:48:17.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0809 (GCVE-0-2018-0809)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 04:29
VLAI?
Summary
The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10, versions 1703 and 1709, and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102933"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10, versions 1703 and 1709, and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102933"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10, versions 1703 and 1709, and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102933"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0809",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T04:29:36.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0832 (GCVE-0-2018-0832)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-16 18:59
VLAI?
Summary
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44146",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0830."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-22T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "44146",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0830."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44146",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0832",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T18:59:11.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0831 (GCVE-0-2018-0831)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:10
VLAI?
Summary
The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0831",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:10:50.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0828 (GCVE-0-2018-0828)
Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:23
VLAI?
Summary
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 version 1607 and Windows Server 2016
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102935"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 version 1607 and Windows Server 2016"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka \"Windows Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102935"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 version 1607 and Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka \"Windows Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102935"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0828",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:23:48.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1038 (GCVE-0-2018-1038)
Vulnerability from nvd – Published: 2018-04-02 13:00 – Updated: 2024-09-17 03:18
VLAI?
Summary
The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1 and Windows Server 2008 R2 SP1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1 and Windows Server 2008 R2 SP1"
}
]
}
],
"datePublic": "2018-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka \"Windows Kernel Elevation of Privilege Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-03T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040632"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-29T00:00:00",
"ID": "CVE-2018-1038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1 and Windows Server 2008 R2 SP1"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka \"Windows Kernel Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103549"
},
{
"name": "44581",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44581/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038"
},
{
"name": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/",
"refsource": "MISC",
"url": "https://blog.xpnsec.com/total-meltdown-cve-2018-1038/"
},
{
"name": "1040632",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040632"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-1038",
"datePublished": "2018-04-02T13:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:18:09.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0886 (GCVE-0-2018-0886)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:17
VLAI?
Summary
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103265"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/preempt/credssp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka \"CredSSP Remote Code Execution Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-20T17:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103265"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/preempt/credssp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka \"CredSSP Remote Code Execution Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040506",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040506"
},
{
"name": "103265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103265"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886"
},
{
"name": "https://blog.preempt.com/security-advisory-credssp",
"refsource": "MISC",
"url": "https://blog.preempt.com/security-advisory-credssp"
},
{
"name": "44453",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44453/"
},
{
"name": "https://github.com/preempt/credssp",
"refsource": "MISC",
"url": "https://github.com/preempt/credssp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0886",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:17:03.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0977 (GCVE-0-2018-0977)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 02:21
VLAI?
Summary
The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103380"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka \"Win32k Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103380"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka \"Win32k Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0977"
},
{
"name": "1040520",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040520"
},
{
"name": "103380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103380"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0977",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T02:21:25.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0816 (GCVE-0-2018-0816)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:57
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0816"
},
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0816",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:57:03.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0881 (GCVE-0-2018-0881)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-16 23:16
VLAI?
Summary
The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka "Microsoft Video Control Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:10.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka \"Microsoft Video Control Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040520"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka \"Microsoft Video Control Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0881"
},
{
"name": "103256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103256"
},
{
"name": "1040520",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040520"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0881",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T23:16:48.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0817 (GCVE-0-2018-0817)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 01:22
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0816.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0816."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103249"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0815 and CVE-2018-0816."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0817"
},
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103249"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0817",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T01:22:11.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0815 (GCVE-0-2018-0815)
Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 00:32
VLAI?
Summary
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0816, and CVE-2018-0817.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1"
}
]
}
],
"datePublic": "2018-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0816, and CVE-2018-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-03-14T00:00:00",
"ID": "CVE-2018-0815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows GDI Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0816, and CVE-2018-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040515"
},
{
"name": "103234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103234"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0815",
"datePublished": "2018-03-14T17:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:32:14.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0810 (GCVE-0-2018-0810)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:56
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows Server 2008, and Windows Server 2012
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102938",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows Server 2008, and Windows Server 2012"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0757."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "102938",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows Server 2008, and Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0757."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102938"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0810",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:56:06.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0842 (GCVE-0-2018-0842)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-16 16:43
VLAI?
Summary
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:10.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102946"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040371"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "102946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102946"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040371"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102946"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842"
},
{
"name": "1040371",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040371"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0842",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T16:43:29.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0829 (GCVE-0-2018-0829)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:49
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0830 and CVE-2018-0832.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0830 and CVE-2018-0832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102948"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0830 and CVE-2018-0832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829"
},
{
"name": "102948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102948"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0829",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:49:14.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0830 (GCVE-0-2018-0830)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-16 16:48
VLAI?
Summary
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0832.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830"
},
{
"name": "102949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102949"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0830",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T16:48:17.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0809 (GCVE-0-2018-0809)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 04:29
VLAI?
Summary
The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10, versions 1703 and 1709, and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102933"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10, versions 1703 and 1709, and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102933"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10, versions 1703 and 1709, and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka \"Windows Elevation of Privilege Vulnerability\". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102933"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0809",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T04:29:36.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0832 (GCVE-0-2018-0832)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-16 18:59
VLAI?
Summary
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830.
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44146",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0830."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-22T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "44146",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka \"Windows Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0829 and CVE-2018-0830."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44146",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44146/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832"
},
{
"name": "102923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102923"
},
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0832",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-16T18:59:11.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0831 (GCVE-0-2018-0831)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:10
VLAI?
Summary
The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka \"Windows Kernel Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831"
},
{
"name": "102943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0831",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T00:10:50.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0828 (GCVE-0-2018-0828)
Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:23
VLAI?
Summary
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".
Severity ?
No CVSS data available.
CWE
- Important
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft Corporation | Windows |
Affected:
Windows 10 version 1607 and Windows Server 2016
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102935"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows 10 version 1607 and Windows Server 2016"
}
]
}
],
"datePublic": "2018-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka \"Windows Elevation of Privilege Vulnerability\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Important",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102935"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC": "2018-02-13T00:00:00",
"ID": "CVE-2018-0828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "Windows 10 version 1607 and Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka \"Windows Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Important"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040373"
},
{
"name": "102935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102935"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0828",
"datePublished": "2018-02-15T02:00:00Z",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-09-17T03:23:48.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}