New Search

Windows Elevation of Privilege Vulnerability - CVE-2018-8468

oval:org.cisecurity:def:5973

An elevation of privilege vulnerability exists in Windows that allows a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution. However the vulnerability could allow arbitrary code to run if an attacker uses it in combination with another vulnerability such as a remote code execution vulnerability or another elevation of privilege vulnerability that can leverage the elevated privileges when code execution is attempted. The security update addresses the vulnerability by correcting how Windows parses files.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
Class:
vulnerability
Reference(s):
  • CVE-2018-8468
  • MSRC-CVE-2018-8468
  • KB4457145
  • KB4457984
  • KB4457140
  • KB4457143
  • KB4457132
  • KB4457131
  • KB4457138
  • KB4457142
  • KB4457128
Product(s):