CVE-2018-8336

Опубликовано: 13 сент. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446.

Ссылки

http://www.securityfocus.com/bid/105246
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041635
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8336
Patch
Vendor Advisory
http://www.securityfocus.com/bid/105246
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041635
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8336
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:itanium:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:itanium:*:*:*

EPSS

Процентиль: 89%

0.04971

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2018-8336

CVSS3: 2.5

msrc

почти 7 лет назад

Windows Kernel Information Disclosure Vulnerability

GHSA-47rg-whfw-x6q6