ID CVE-2018-1038
Summary The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
CVSS
Base: 7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 103549
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038
exploit-db 44581
misc https://blog.xpnsec.com/total-meltdown-cve-2018-1038/
sectrack 1040632
Last major update 03-10-2019 - 00:03
Published 02-04-2018 - 13:29
Last modified 03-10-2019 - 00:03
Back to Top