CVE-2018-0904

The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure vulnerability due to how memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability".

Published: Mar 14, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-0904
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.7
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2012	r2	r2.x
microsoft / windows_10	1511	1511.x
microsoft / windows_10	1607	1607.x
microsoft / windows_server_2008	r2-sp1	r2-sp1.x
microsoft / windows_7	--sp1	--sp1.x
microsoft / windows_server_2012	-	-
microsoft / windows_10	1703	1703.x
microsoft / windows_10	1709	1709.x
microsoft / windows_server	1709	1709.x

http://www.securityfocus.com/bid/103246
http://www.securitytracker.com/id/1040517
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0904

Vulnerability Database

289,599

CVE-2018-0904