Main Vulnerability Database Exploits ID:10239 - Exploit for Exposure of resource to wrong sphere in Microsoft products - CVE-2024-38112

ID:10239 - Exploit for Exposure of resource to wrong sphere in Microsoft products - CVE-2024-38112

Published: July 23, 2024

Vulnerability identifier: #VU93902

Vulnerability risk: Critical

CVE-ID: CVE-2024-38112

CWE-ID: CWE-668

Exploitation vector: Remote access

Vulnerable software:
Microsoft Internet Explorer
Windows
Windows Server

Link to public exploit:

https://cpr-zero.checkpoint.com/vulns/cprid-2198/

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper input validation. A remote attacker can perform spoofing attack and trick the victim to execute a specially crafted file.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install updates from vendor's website.

ID:10239 - Exploit for Exposure of resource to wrong sphere in Microsoft products - CVE-2024-38112

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human