New Search

Windows Remote Code Execution Vulnerability - CVE-2018-8475

oval:org.cisecurity:def:5948

A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability an attacker would have to convince a user to download an image file. The update addresses the vulnerability by properly handling image files.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2012
  • Microsoft Windows 8.1
  • Microsoft Windows 7
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012 R2
Class:
vulnerability
Reference(s):
  • CVE-2018-8475
  • MSRC-CVE-2018-8475
  • KB4457145
  • KB4457984
  • KB4457140
  • KB4457143
  • KB4457132
  • KB4457131
  • KB4457138
  • KB4457142
  • KB4457128
Product(s):