PT-2018-9167 · Microsoft · Internet Explorer

Masato Kinugawa

Published

2018-07-10

Updated

2019-10-03

CVE-2018-0949

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 11

Description: A security feature bypass issue exists due to Microsoft Internet Explorer's improper handling of requests involving UNC resources. This could allow an attacker to force the browser to load restricted data.

Recommendations: For versions 9 through 11, update to a version that properly handles UNC resource requests to prevent the security feature bypass.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-0949

Affected Products

Internet Explorer

PT-2018-9167 · Microsoft · Internet Explorer

CVE-2018-0949

Related Identifiers

Affected Products

References · 6