www.cve.org
Open in
urlscan Pro
3.165.206.12
Public Scan
URL:
https://www.cve.org/CVERecord?id=CVE-2024-38112
Submission: On September 17 via api from US — Scanned from DE
Submission: On September 17 via api from US — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
We're sorry but the CVE Website doesn't work properly without JavaScript enabled. Please enable it to continue. Skip to main content About OverviewHistoryProcessRelated EffortsMetrics Partner Information PartnerList of Partners Program Organization StructureProgram Relationship with PartnersBoardWorking GroupsCVE Numbering AuthoritiesAuthorized Data Publishers Downloads Resources & Support ResourcesGlossaryFAQs AllRecentArchivesNewsletter Sign-Up Reserve IDs & Publish RecordsCVE Services Report/Request CNAsNon-CNAs Site Search Find Find CVE Records by keyword on cve.mitre.org. Site Search CVE-2024-38112 PUBLISHED external site View JSON | external site User Guide -------------------------------------------------------------------------------- Collapse all REQUIRED CVE RECORD INFORMATION CNA: MICROSOFT CORPORATION expand Published: 2024-07-09 Updated: 2024-09-10 Title: Windows MSHTML Platform Spoofing Vulnerability DESCRIPTION Windows MSHTML Platform Spoofing Vulnerability CWE 1 TOTAL Learn more * CWE-451: CWE-451: User Interface (UI) Misrepresentation of Critical Information CVSS 1 TOTAL Learn more ScoreSeverityVersionVector String7.5HIGH3.1CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C PRODUCT STATUS Learn more Vendor Microsoft Product Windows 10 Version 22H2 Platforms x64-based Systems, ARM64-based Systems, 32-bit Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.19045.4651 Vendor Microsoft Product Windows 11 Version 23H2 Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.22631.3880 Vendor Microsoft Product Windows 10 Version 1507 Platforms 32-bit Systems, x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.10240.20710 Vendor Microsoft Product Windows 11 version 22H2 Platforms ARM64-based Systems, x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.22621.3880 Vendor Microsoft Product Windows 10 Version 1607 Platforms 32-bit Systems, x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.14393.7159 Vendor Microsoft Product Windows Server 2016 Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.14393.7159 Vendor Microsoft Product Windows 10 Version 21H2 Platforms 32-bit Systems, ARM64-based Systems, x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.19044.4651 Vendor Microsoft Product Windows Server 2016 (Server Core installation) Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.14393.7159 Vendor Microsoft Product Windows 10 Version 1809 Platforms ARM64-based Systems, x64-based Systems, 32-bit Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.17763.6054 Vendor Microsoft Product Windows Server 2008 Service Pack 2 Platforms 32-bit Systems Versions 2 Total Default Status: unknown affected * affected from 6.0.0 before 6.0.6003.22769 * affected from 6.0.0 before 1.001 Vendor Microsoft Product Windows Server 2008 Service Pack 2 (Server Core installation) Platforms 32-bit Systems, x64-based Systems Versions 2 Total Default Status: unknown affected * affected from 6.0.0 before 6.0.6003.22769 * affected from 6.0.0 before 1.001 Vendor Microsoft Product Windows Server 2008 Service Pack 2 Platforms x64-based Systems Versions 2 Total Default Status: unknown affected * affected from 6.0.0 before 6.0.6003.22769 * affected from 6.0.0 before 1.001 Vendor Microsoft Product Windows Server 2012 R2 Platforms x64-based Systems Versions 2 Total Default Status: unknown affected * affected from 6.3.0 before 6.3.9600.22074 * affected from 6.3.0 before 1.001 Vendor Microsoft Product Windows 11 version 22H3 Platforms ARM64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.22631.3880 Vendor Microsoft Product Windows Server 2012 R2 (Server Core installation) Platforms x64-based Systems Versions 2 Total Default Status: unknown affected * affected from 6.3.0 before 6.3.9600.22074 * affected from 6.3.0 before 1.001 Vendor Microsoft Product Windows Server 2022 Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.20348.2582 Vendor Microsoft Product Windows Server 2022, 23H2 Edition (Server Core installation) Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.25398.1009 Vendor Microsoft Product Windows Server 2019 (Server Core installation) Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.17763.6054 Vendor Microsoft Product Windows 11 version 21H2 Platforms ARM64-based Systems, x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.22000.3079 Vendor Microsoft Product Windows Server 2019 Platforms x64-based Systems Versions 1 Total Default Status: unknown affected * affected from 10.0.0 before 10.0.17763.6054 REFERENCES * msrc.microsoft.com: Windows MSHTML Platform Spoofing Vulnerability external site vendor-advisory CVE PROGRAM expand Updated: 2024-08-02 This container includes required additional information provided by the CVE Program for this vulnerability. REFERENCES * msrc.microsoft.com: Windows MSHTML Platform Spoofing Vulnerability external site vendor-advisoryx_transferred AUTHORIZED DATA PUBLISHERS Learn more CISA-ADP collapse On this page * Required CVE Record Information * CNA: Microsoft Corporation * CVE Program * Authorized Data Publishers * CISA-ADP POLICIES & COOKIES * Terms of Use * Website Security Policy * Privacy Policy * Cookie Notice * Manage Cookies MEDIA * News * Blogs * Podcasts * Email newsletter sign up SOCIAL MEDIA github linkedin mastodon youtube medium x-twitter icon for @CVEnew New CVE Records x-twitter icon for @CVEannounce CVE Announce CONTACT * CVE Program Support external site * CNA Partners * CVE Website Support external site * CVE Program Idea Tracker external site Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) external link Cybersecurity and Infrastructure Security Agency (CISA) external link . Copyright © 1999-2024, The MITRE Corporation external link . CVE and the CVE logo are registered trademarks of The MITRE Corporation.