HTTP: Microsoft CVE-2018-8486 Information Disclosure

This signature detects an attempt to exploit against Microsoft Operating System. Successful exploitation could allow an attacker to bypass mitigations.

Extended Description

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Affected Products

Microsoft windows_server_2016

References

CVE: CVE-2018-8486

Short Name
HTTP:STC:IE:CVE-2018-8486IN-DIS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-8486 Disclosure Information Microsoft
Release Date
10/04/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

2.1

Found a potential security threat?