VDB
CNVD-2018-10992
CNVD-2018-10992
PUBLISHED
CVSS 7.5 HIGH
Microsoft Windows是流行的计算机操作系统。 Microsoft Windows “Microsoft COM for Windows”无法正确处理序列化对象,允许远程攻击者利用漏洞特殊的文件或脚本,诱使用户解析,可执行任意代码。
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_7 | 0 |
| microsoft | windows_rt_8.1 | 0 |
| microsoft | windows_8.1 | 0 |
| microsoft | windows_server_2016 | 1709, 0, 1803 |
| microsoft | windows_10 | 1703, 1709, 0 |
| microsoft | windows_server_2012 | 0, r2 |
| n/a | n/a | n/a |
| microsoft | windows_server_2008 | *, 0, r2 |
Timeline
- Apr 19, 2018 CVE Published
- Oct 25, 2018 PoC Published
- Oct 13, 2022 PoC Published
- Aug 5, 2024 PoC Published
- Aug 29, 2024 PoC Published
- Feb 6, 2025 PoC Published
- Feb 13, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Aug 31, 2025 PoC Published
- Feb 2, 2026 PoC Published