Lucene search
MicrosoftCVE-2018-0987HistoryApr 12, 2018 - 1:29 a.m.
CVE-2018-0987
2018-04-1201:29:07
microsoft
web.nvd.nist.gov
56
cve-2018-0987
information disclosure
scripting engine
internet explorer
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.007
Percentile
80.0%
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka âScripting Engine Information Disclosure Vulnerability.â This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0989, CVE-2018-1000.
Affected configurations
Node
microsoftinternet_explorerMatch10
microsoftwindows_server_2012
Node
microsoftinternet_explorerMatch11
microsoftwindows_10Match-
ORmicrosoftwindows_10Match1511
ORmicrosoftwindows_10Match1607
ORmicrosoftwindows_10Match1703
ORmicrosoftwindows_10Match1709
ORmicrosoftwindows_7sp1
ORmicrosoftwindows_8.1
ORmicrosoftwindows_rt_8.1
ORmicrosoftwindows_server_2008Matchr2sp1
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016
Node
microsoftinternet_explorerMatch9
microsoftwindows_server_2008sp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_explorer | 10 | cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 11 | cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:* |
| microsoft | windows_10 | - | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1511 | cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1607 | cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1703 | cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1709 | cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:* |
| microsoft | windows_8.1 | * | cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
]Related
nvd
nvd
cve
cve
cvelist
cvelist
prion
prion
Information disclosure
2018-04-12 01:29:00
Information disclosure
2018-04-12 01:29:00
Information disclosure
2018-04-12 01:29:00
zdi
zdi
symantec
symantec
mscve
mscve
Scripting Engine Information Disclosure Vulnerability
2018-04-10 07:00:00
Scripting Engine Information Disclosure Vulnerability
2018-04-10 07:00:00
Scripting Engine Memory Corruption Vulnerability
2018-04-10 07:00:00
nessus
nessus
Security Updates for Internet Explorer (April 2018)
2018-04-10 00:00:00
EulerOS Virtualization for ARM 64 3.0.3.0 : gnupg2 (EulerOS-SA-2019-2349)
2019-12-03 00:00:00
EulerOS 2.0 SP5 : python (EulerOS-SA-2020-1126)
2020-02-24 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 10, 2018
2018-04-10 07:00:00
April 10, 2018âKB4093123 (Monthly Rollup)
2018-04-10 07:00:00
April 10, 2018âKB4093118 (Monthly Rollup)
2018-04-10 07:00:00
kaspersky
kaspersky
KLA11222 Multiple vulnerabilities in Microsoft Browsers
2018-04-10 00:00:00
KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)
2018-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: godot-3.0.6-1.fc29
2018-09-21 05:38:36
[SECURITY] Fedora 27 Update: godot-3.0.6-1.fc27
2018-09-11 14:56:38
[SECURITY] Fedora 28 Update: godot-3.0.6-1.fc28
2018-08-31 21:17:31
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4093118)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093114)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093111)
2018-04-11 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - April 2018
2018-04-10 13:13:00
trendmicroblog
trendmicroblog
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.007
Percentile
80.0%
Related for CVE-2018-0987