9.3

CVE-2018-0986

Exploit

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Data is provided by the National Vulnerability Database (NVD)
MicrosoftExchange Server Version2013 Update-
MicrosoftExchange Server Version2016 Update-
MicrosoftSystem Center Endpoint Protection Version2012 Updater2
MicrosoftWindows Defender Version-
   MicrosoftWindows 10 Version-
   MicrosoftWindows 10 Version1511
   MicrosoftWindows 10 Version1607
   MicrosoftWindows 10 Version1703
   MicrosoftWindows 10 Version1709
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1
   MicrosoftWindows Rt 8.1
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012
   MicrosoftWindows Server 2012 Versionr2
   MicrosoftWindows Server 2016
   MicrosoftWindows Server 2016 Version1709
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 76.02% 0.989
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.securityfocus.com/bid/103593
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040631
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/44402/
Third Party Advisory
Exploit
VDB Entry