CVE-2018-8126 — Microsoft Internet Explorer 11 vulnerability

5 documents5 sources

Severity

8.8HIGHNVD

EPSS

22.4%

top 4.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer 11 Microsoft Internet Explorer

Timeline

PublishedMay 9

Latest updateMay 13

Description

A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer11

▶CVEListV5microsoft/internet_explorer_1111 versions+10

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-mv59-m2pm-94rh: A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explor↗2022-05-13

▶

CVEList

CVE-2018-8126: A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explor↗2018-05-09

▶

💥Exploits & PoCs

Exploit-DB

SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)↗2018-10-29

▶

📋Vendor Advisories

Microsoft

Internet Explorer Security Feature Bypass Vulnerability↗2018-05-08

▶