CVE-2018-0949

MEDIUM

Description

A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

References

http://www.securityfocus.com/bid/104622

http://www.securitytracker.com/id/1041258

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949

Details

Source: MITRE

Published: 2018-07-11

Updated: 2019-10-03

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM