[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

126348

 
 

909

 
 

102767

 
 

150

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-1009Date: (C)2018-04-12   (M)2018-11-15


An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.8CVSS Score : 7.2
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
BID-103654
SECTRACK-1040673
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1009

CPE    7
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_10:1511
cpe:/o:microsoft:windows_server_2016
...
CWE    1
CWE-264
OVAL    10
oval:org.secpod.oval:def:44999
oval:org.secpod.oval:def:45006
oval:org.secpod.oval:def:44998
oval:org.secpod.oval:def:45013
...

© SecPod Technologies