Description
Windows MSHTML Platform Spoofing Vulnerability
Reserved 2024-06-11 | Published 2024-07-09 | Updated 2025-03-11 | Assigner
microsoftHIGH: 7.5CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
CISA Known Exploited Vulnerability
Date added 2024-07-09 | Due date 2024-07-30
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Problem types
CWE-451: User Interface (UI) Misrepresentation of Critical Information
Product status
10.0.19045.0 before 10.0.19045.4651
affected
10.0.22631.0 before 10.0.22631.3880
affected
10.0.10240.0 before 10.0.10240.20710
affected
10.0.22621.0 before 10.0.22621.3880
affected
10.0.14393.0 before 10.0.14393.7159
affected
10.0.14393.0 before 10.0.14393.7159
affected
10.0.19043.0 before 10.0.19044.4651
affected
10.0.14393.0 before 10.0.14393.7159
affected
6.0.6003.0 before 6.0.6003.22769
affected
6.0.6003.0 before 6.0.6003.22769
affected
6.0.6003.0 before 6.0.6003.22769
affected
10.0.17763.0 before 10.0.17763.6054
affected
6.3.9600.0 before 6.3.9600.22074
affected
10.0.22631.0 before 10.0.22631.3880
affected
6.3.9600.0 before 6.3.9600.22074
affected
10.0.20348.0 before 10.0.20348.2582
affected
10.0.25398.0 before 10.0.25398.1009
affected
10.0.17763.0 before 10.0.17763.6054
affected
10.0.0 before 10.0.22000.3079
affected
10.0.17763.0 before 10.0.17763.6054
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112 (Windows MSHTML Platform Spoofing Vulnerability) vendor-advisory
cve.org (CVE-2024-38112)
nvd.nist.gov (CVE-2024-38112)
Download JSON