CVE-2018-0824

⚠ KEVEPSS 91.5%

Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability

Added to CISA KEV: 8/5/2024

Description

Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.

Affected packages (0)

No package mapping in OSV.