|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-06-04 | |
| Rule Name: | Microsoft Windows VBScript Engine Use After Free Vulnerability -1 (CVE-2018-8174) | |
| Severity: | ||
| CVE ID: | ||
| CNNVD ID: | ||
| Rule Protection Details |
|---|
| Description: | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |
| Impact: | A use-after-free vulnerability can be exploited by an attacker in the vulnerable product. Successful exploit may cause some adverse consequences, such as crash of the product, execution of arbitrary code. | |
| Affected OS: | Windows | |
| Reference: | https://blog.0patch.com/2018/05/a-single-instruction-micropatch-for.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174 ExploitDB:44741 |
|
| Solutions |
|---|
| Microsoft has published advisories on the official website. For more information, please visit: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174 |