PT-2018-2025 · Microsoft · Windows 10 Servers+5

Mtowalski1

Published

2018-12-11

Updated

2020-08-24

CVE-2018-8634

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Server 2016 Windows 10 Windows Server 2019 Windows 10 Servers

Description A remote code execution issue exists due to the improper handling of objects in memory by Microsoft text-to-speech. This allows remote attackers to execute arbitrary code and affect the system.

Recommendations For Windows Server 2016, update to a version that includes the fix for the Microsoft Text-To-Speech Remote Code Execution issue. For Windows 10, update to a version that includes the fix for the Microsoft Text-To-Speech Remote Code Execution issue. For Windows Server 2019, update to a version that includes the fix for the Microsoft Text-To-Speech Remote Code Execution issue. For Windows 10 Servers, update to a version that includes the fix for the Microsoft Text-To-Speech Remote Code Execution issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2018-01641

CVE-2018-8634

Affected Products

Text-To-Speech

Windows

Windows 10

Windows 10 Servers

Windows Server 2016

Windows Server 2019

PT-2018-2025 · Microsoft · Windows 10 Servers+5

CVE-2018-8634

Weakness Enumeration

Related Identifiers

Affected Products

References · 8