CVE-2018-8470
Description
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka Internet Explorer Security Feature Bypass Vulnerability. This affects Internet Explorer 11.
Risk Information
Base Score
4.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
0.81
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4457128) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4457128) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4457128) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4457128) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4457128) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4457128) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4457138) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4457138) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4457138) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4457138) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB4457132) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB4457132) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 8.1 for x86-based Systems (KB4457129) | Windows |
| Windows Remote Code Execution Vulnerability for Windows 8.1 for x64-based Systems (KB4457129) | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4457129) | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 for x64-based Systems (KB4457131) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4457131) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 for x64-based Systems (KB4457131) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4457131) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4457131) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4457131) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4457142) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4457142) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4457142) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4457142) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4457142) - Delta | Windows |
| Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4457142) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows 8.1 for x64-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows 8.1 for x86-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 10 for Windows Server 2012 for x64-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 9 for Windows Server 2008 for x64-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows Server 2008 R2 for x64-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows Server 2012 R2 for x64-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows 7 for x86-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 9 for Windows Server 2008 for x86-based systems (KB4457426) - Cumulative | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 11 for Windows 7 for x64-based systems (KB4457426) - Cumulative | Windows |
| Windows Remote Code Execution Vulnerability for Windows 7 for x64-based Systems (KB4457144) | Windows |
| Windows Remote Code Execution Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4457144) | Windows |
| Windows Remote Code Execution Vulnerability for Windows 7 for x86-based Systems (KB4457144) | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 9 for Windows Server 2008 for x86-based systems (KB4457426) | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 9 for Windows Server 2008 for x64-based systems (KB4457426) | Windows |
| Internet Explorer Security Feature Bypass Vulnerability for Internet Explorer 10 for Windows Server 2012 for x64-based systems (KB4457426) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-25292 | 2018-09 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4457128) |
| PATCH-25293 | 2018-09 Delta Update for Windows 10 Version 1803 for x64-based Systems (KB4457128) |
| PATCH-25294 | 2018-09 Delta Update for Windows Server 2016 (1803) for x64-based Systems (KB4457128) |
| PATCH-25295 | 2018-09 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4457128) |
| PATCH-25296 | 2018-09 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4457128) |
| PATCH-25297 | 2018-09 Delta Update for Windows 10 Version 1803 for x86-based Systems (KB4457128) |
| PATCH-25280 | 2018-09 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4457132) |
| PATCH-25281 | 2018-09 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB4457132) |
| PATCH-25313 | 2018-09 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB4457129) |
| PATCH-25314 | 2018-09 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4457129) |
| PATCH-25315 | 2018-09 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4457129) |
| PATCH-25274 | 2018-09 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4457131) |
| PATCH-25275 | 2018-09 Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4457131) |
| PATCH-25276 | 2018-09 Delta Update for Windows Server 2016 for x64-based Systems (KB4457131) |
| PATCH-25277 | 2018-09 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4457131) |
| PATCH-25278 | 2018-09 Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4457131) |
| PATCH-25279 | 2018-09 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4457131) |
| PATCH-25286 | 2018-09 Delta Update for Windows 10 Version 1709 for x64-based Systems (KB4457142) |
| PATCH-25287 | 2018-09 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4457142) |
| PATCH-25288 | 2018-09 Delta Update for Windows 10 Version 1709 for x86-based Systems (KB4457142) |
| PATCH-25289 | 2018-09 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4457142) |
| PATCH-25290 | 2018-09 Delta Update for Windows Server 2016 (1709) for x64-based Systems (KB4457142) |
| PATCH-25291 | 2018-09 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4457142) |
| PATCH-25298 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x64-based systems (KB4457426) |
| PATCH-25299 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x86-based systems (KB4457426) |
| PATCH-25300 | 2018-09 Cumulative Security Update for Internet Explorer 10 for Windows Server 2012 for x64-based systems (KB4457426) |
| PATCH-25301 | 2018-09 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 for x64-based systems (KB4457426) |
| PATCH-25302 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows Server 2008 R2 for x64-based systems (KB4457426) |
| PATCH-25303 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 for x64-based systems (KB4457426) |
| PATCH-25304 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows 7 for x86-based systems (KB4457426) |
| PATCH-25305 | 2018-09 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 for x86-based systems (KB4457426) |
| PATCH-25306 | 2018-09 Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based systems (KB4457426) |
| PATCH-25310 | 2018-09 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4457144) |
| PATCH-25311 | 2018-09 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4457144) |
| PATCH-25312 | 2018-09 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4457144) |
| PATCH-25271 | 2018-09 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 for x86-based systems (KB4457426) |
| PATCH-25272 | 2018-09 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 for x64-based systems (KB4457426) |
| PATCH-25273 | 2018-09 Cumulative Security Update for Internet Explorer 10 for Windows Server 2012 for x64-based systems (KB4457426) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234