CVE-2018-8316 – Microsoft Office Word Preview Unsafe Hyperlink Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8316
A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer valida incorrectamente hipervínculos antes de cargar librerías ejecutables. Esto también se conoce como "Internet Explorer Remote Code Execution Vulnerability". Esto afecta a Internet Explorer 11 e Internet Explorer 10. • http://www.securityfocus.com/bid/105013 http://www.securitytracker.com/id/1041483 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8316 • CWE-20: Improper Input Validation •
CVE-2018-8371 – Microsoft Windows VBScript Class_Terminate Use After Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8371
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/105035 http://www.securitytracker.com/id/1041483 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371 • CWE-787: Out-of-bounds Write •
CVE-2018-8405 – Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8405
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8406. Existe una vulnerabilidad de elevación de privilegios cuando el controlador DirectX Graphics Kernel (DXGKRNL) gestiona incorrectamente los objetos en la memoria. Esto también se conoce como "DirectX Graphics Kernel Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/105011 http://www.securitytracker.com/id/1041461 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405 • CWE-404: Improper Resource Shutdown or Release •
CVE-2018-8345 – Microsoft Windows LNK File Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8345
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8346. Existe una vulnerabilidad de ejecución remota de código en Microsoft Windows que podría permitir la ejecución remota de código si se procesa un archivo .LNK. Esto también se conoce como "LNK Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/105027 http://www.securitytracker.com/id/1041473 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2018-8282 – Microsoft Windows Child Window NULL Pointer Dereference Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8282
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Existe una vulnerabilidad de elevación de privilegios en Windows cuando el controlador kernel-mode de Windows no gestiona adecuadamente los objetos en la memoria. Esto también se conoce como "Win32k Elevation of Privilege Vulnerability". Esto afecta a Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10 y Windows 10 Servers. • http://www.securityfocus.com/bid/104668 http://www.securitytracker.com/id/1041263 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8282 • CWE-404: Improper Resource Shutdown or Release •