Vulnerability Name: | CVE-2018-0997 (CCN-140801) | ||||||||||||
Assigned: | 2017-12-01 | ||||||||||||
Published: | 2018-04-10 | ||||||||||||
Updated: | 2020-08-24 | ||||||||||||
Summary: | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020. | ||||||||||||
CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 7.6 High (CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-787 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-0997 Source: BID Type: Third Party Advisory, VDB Entry 103618 Source: CCN Type: BID-103618 Microsoft Internet Explorer CVE-2018-0997 Remote Memory Corruption Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1040653 Source: XF Type: UNKNOWN ms-ie-cve20180997-code-exec(140801) Source: CCN Type: Microsoft Security TechCenter - April 2018 Internet Explorer Memory Corruption Vulnerability Source: CONFIRM Type: Patch, Vendor Advisory https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0997 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |