Internet Explorer Elevation of Privilege Vulnerability - CVE-2018-0942ID: oval:org.secpod.oval:def:44585 | Date: (C)2018-03-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
An elevation of privilege vulnerability exists when Internet Explorer fails a check, allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.
This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.
The update addresses the vulnerability by correcting how Internet Explorer handles zone and integrity settings.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Product: |
Microsoft Internet Explorer 11 |