An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka âWindows NDIS Elevation of Privilege Vulnerability.â This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8343.
[
{
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
}
]
},
{
"product": "Windows Server 2008 R2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Itanium-Based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "x64-based Systems Service Pack 1 (Server Core installation)"
}
]
}
]