CVE-2018-8637
Description
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka Win32k Information Disclosure Vulnerability. This affects Windows 10 Servers, Windows 10, Windows Server 2019.
Risk Information
Base Score
4.6
MODERATE
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
1.004
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4471324) - Delta | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4471324) - Cumulative | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4471324) - Delta | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4471324) - Cumulative | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4471324) - Cumulative | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4471324) - Delta | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4471332) - Cumulative | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows Server 2019 for x64-based Systems (KB4471332) - Cumulative | Windows |
| Chakra Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB4471332) - Cumulative | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-25788 | 2018-12 Delta Update for Windows Server 2016 (1803) for x64-based Systems (KB4471324) |
| PATCH-25789 | 2018-12 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4471324) |
| PATCH-25790 | 2018-12 Delta Update for Windows 10 Version 1803 for x64-based Systems (KB4471324) |
| PATCH-25791 | 2018-12 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4471324) |
| PATCH-25792 | 2018-12 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4471324) |
| PATCH-25793 | 2018-12 Delta Update for Windows 10 Version 1803 for x86-based Systems (KB4471324) |
| PATCH-25794 | 2018-12 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4471332) |
| PATCH-25795 | 2018-12 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4471332) |
| PATCH-25796 | 2018-12 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4471332) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234