Main Vulnerability Database Exploits ID:9197 - Exploit for Improper input validation in Windows and Windows Server - CVE-2018-0959

ID:9197 - Exploit for Improper input validation in Windows and Windows Server - CVE-2018-0959

Published: July 20, 2023

Vulnerability identifier: #VU12502

Vulnerability risk: Medium

CVE-ID: CVE-2018-0959

CWE-ID: CWE-20

Exploitation vector: Adjecent network

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/pwndorei/CVE-2018-0959

Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable host operating system.

The vulnerability exists due to an error in Windows Hyper-V when processing input data from guest operating system. A remote attacker with access to guest operating system could run a specially crafted application and compromise the host system.

Remediation

Install updates from vendor's website.

ID:9197 - Exploit for Improper input validation in Windows and Windows Server - CVE-2018-0959

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human