CVE-2018-8139
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.
Published
2018-05-09T19:29:01.917
Last Modified
2024-11-21T04:13:20.190
Status
Modified
Source
[email protected]
Severity
CVSSv3.0: 7.5 (HIGH)
CVSSv2 Vector
AV:N/AC:H/Au:N/C:C/I:C/A:C
- Access Vector: NETWORK
- Access Complexity: HIGH
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
4.9
Impact Score
10.0
Weaknesses
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/103977
Third Party Advisory, VDB Entry
([email protected])
-
http://www.securitytracker.com/id/1040844
Third Party Advisory, VDB Entry
([email protected])
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139
Patch, Vendor Advisory
([email protected])
-
https://www.exploit-db.com/exploits/45012/
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/103977
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id/1040844
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://www.exploit-db.com/exploits/45012/
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)