cpe:/o:microsoft:windows_10:- cpe:/o:microsoft:windows_10:1607 cpe:/o:microsoft:windows_10:1703 cpe:/o:microsoft:windows_10:1709 cpe:/o:microsoft:windows_10:1803 cpe:/o:microsoft:windows_7:-:sp1 cpe:/o:microsoft:windows_8.1:- cpe:/o:microsoft:windows_rt_8.1:- cpe:/o:microsoft:windows_server_2008:-:sp2 cpe:/o:microsoft:windows_server_2008:-:sp2:~~~~x64~ cpe:/o:microsoft:windows_server_2008:-:sp2:~~itanium~~~ cpe:/o:microsoft:windows_server_2008:r2:sp1:~~~~x64~ cpe:/o:microsoft:windows_server_2008:r2:sp1:~~itanium~~~ cpe:/o:microsoft:windows_server_2012:- cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_server_2016:- cpe:/o:microsoft:windows_server_2016:1709 cpe:/o:microsoft:windows_server_2016:1803 CVE-2018-8339 2018-08-15T13:29:03.800-04:00 2019-10-02T20:03:26.223-04:00 6.9 LOCAL MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2018-09-06T11:56:12.773-04:00 SECTRACK 1041466 BID 105030 CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8339 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior, aka "Windows Installer Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.