CVE-2018-0868

Published: 14/03/2018 Updated: 03/10/2019

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how input is sanitized, aka "Windows Installer Elevation of Privilege Vulnerability".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1511
microsoft windows 10 1607
microsoft windows server 2016 -
microsoft windows 8.1
microsoft windows server 2008 -
microsoft windows server 2008 r2
microsoft windows 7 -
microsoft windows rt 8.1 -
microsoft windows 10 1703
microsoft windows server 2012 -
microsoft windows 10 -
microsoft windows 10 1709
microsoft windows server 2016 1709
microsoft windows server 2012 r2

It's March 2018, and your Windows PC can be pwned by a web article (well, none of OURS)

The Register • Shaun Nichols in San Francisco • 13 Mar 2018

Plus plenty of other Microsoft and Adobe bugs to fix

Patch Tuesday Microsoft delivered another hefty bundle of patches with its scheduled monthly update. The March edition of Patch Tuesday lands just hours before researchers are expected to flaunt their latest and greatest exploits at the CanSecWest Pwn2Own hacking competition in Vancouver. Hopefully nobody was planning to use any of the 75 CVE-listed vulnerabilities Microsoft addressed today, including several for the Edge and Internet Explorer browsers that would allow remote code execution. The...

CVE-2018-0868

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect