CyberSec.Space Logo
Back to CVE Browser

CVE-2018-0986

HIGH
8.8
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile7.09th
PublishedApr 4, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Exchange Server

= 2013
πŸ“¦
Microsoft

Exchange Server

= 2016
πŸ“¦
Microsoft

Security Essentials

All versions
πŸ“¦
Microsoft

Forefront Endpoint Protection 2010

All versions
πŸ“¦
Microsoft

Intune Endpoint Protection

All versions
πŸ“¦
Microsoft

System Center Endpoint Protection

All versions
πŸ“¦
Microsoft

System Center Endpoint Protection

= 2012
πŸ“¦
Microsoft

System Center Endpoint Protection

= 2012
πŸ“¦
Microsoft

Windows Defender

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/103593
πŸ”— http://www.securitytracker.com/id/1040631
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986
πŸ”— https://www.exploit-db.com/exploits/44402/
πŸ”— http://www.securityfocus.com/bid/103593
πŸ”— http://www.securitytracker.com/id/1040631
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986
πŸ”— https://www.exploit-db.com/exploits/44402/

Related Vulnerabilities

CVE-2004-084010.0

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 200...

CVE-2006-662710.0

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivi...

CVE-2004-057410.0

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, ...

CVE-2007-021310.0

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows...