1. Home
  2. CVE Database
  3. CVE-2018-0927
MEDIUM · 4.3

CVE-2018-0927

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511,...

Vulnerability Description

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability".

CVSS Score

4.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
MicrosoftInternet Explorer10
MicrosoftWindows Server 2012-
MicrosoftWindows 10-
MicrosoftWindows 7-
MicrosoftWindows 8.1All versions
MicrosoftWindows Rt 8.1-
MicrosoftWindows Server 2008r2
MicrosoftWindows Server 2016-
MicrosoftEdgeAll versions

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2018-0927?

CVE-2018-0927 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511,...

How severe is CVE-2018-0927?

CVE-2018-0927 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0927?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer, Microsoft Windows Server 2012, Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.1.