Vulnerability Details CVE-2018-0949
A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.247
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/104622
- http://www.securitytracker.com/id/1041258
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949
- http://www.securityfocus.com/bid/104622
- http://www.securitytracker.com/id/1041258
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949
Products affected by CVE-2018-0949
-
cpe:2.3:a:microsoft:internet_explorer:10
-
cpe:2.3:a:microsoft:internet_explorer:11
-
cpe:2.3:a:microsoft:internet_explorer:9
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24116
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24919
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24975
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25031
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25073
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-