CVE-2018-8420

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server:2008:r2:sp1:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server:2012:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server:2012:r2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*
cpe:2.3:o:microsoft:windows_server:2016:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server:2008:r2:sp1:*:*:*:itanium:*
cpe:2.3:o:microsoft:windows_server:2016:1709:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server:2016:1803:*:*:*:*:*:*

Information

Published : 2018-09-12 17:29

Updated : 2018-11-19 06:20


NVD link : CVE-2018-8420

Mitre link : CVE-2018-8420


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows_8.1
  • windows_7
  • windows_server
  • windows_10