CWE-122:Heap-based Buffer Overflow – CVE-2018-8626 Microsoft Windows Domain Name System(DNS)servers are vulnerable to heap overflow attacks. Microsoft acknowledges that”an attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.”This remote code execution vulnerability exists in Windows DNS servers when they fail to properly handle requests.