Known Exploited Vulnerabilities Spoofing Vulnerability Capability Group

All Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2024-38112	Microsoft Windows MSHTML Platform Spoofing Vulnerability	exploitation_technique	T1189	Drive-by Compromise	Comments This vulnerability is exploited through a victim visiting a malicious Web page or to clicking on an unsafe link. After visiting the website or clicking on the link, an adversary would gain the ability to execute arbitrary code on the victim system. References https://www.darkreading.com/application-security/void-banshee-exploits-second-microsoft-zero-day
CVE-2024-38112	Microsoft Windows MSHTML Platform Spoofing Vulnerability	exploitation_technique	T1204.001	Malicious Link	Comments This vulnerability is exploited through a victim visiting a malicious Web page or to clicking on an unsafe link. After visiting the website or clicking on the link, an adversary would gain the ability to execute arbitrary code on the victim system. References https://www.darkreading.com/application-security/void-banshee-exploits-second-microsoft-zero-day

Capability ID	Capability Name	Number of Mappings
CVE-2024-38112	Microsoft Windows MSHTML Platform Spoofing Vulnerability	2