CVE-2018-8226

CVE Database · CVE-2018-8226

CVE-2018-8226

· N/AModified

CVSS v3.1

N/A

EPSS

12.70%

Published

Jun 14, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Affected Products (8)

microsoft · windows_10vulnerable

microsoft · windows_server_1803vulnerable

microsoft · windows_server_2016vulnerable

References (6)

http://www.securityfocus.com/bid/104361

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041094

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8226

PatchVendor Advisory

http://www.securityfocus.com/bid/104361

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041094

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8226

KEV Catalog EPSS Scores Vendors All CVEs