A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
http://www.securityfocus.com/bid/104076
http://www.securitytracker.com/id/1040844
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178
Source: MITRE
Published: 2018-05-09
Updated: 2020-08-24
Type: CWE-787
Base Score: 7.6
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 4.9
Severity: HIGH
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.6
Severity: HIGH
OR
OR
cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* versions up to 1.8.3 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
109613 | Security Updates for Internet Explorer (May 2018) | Nessus | Windows : Microsoft Bulletins | high |
109611 | KB4103731: Windows 10 Version 1703 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109608 | KB4103727: Windows 10 Version 1709 and Windows Server Version 1709 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109607 | KB4103715: Windows 8.1 and Windows Server 2012 R2 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109606 | KB4103723: Windows 10 Version 1607 and Windows Server 2016 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109605 | KB4103721: Windows 10 Version 1803 and Windows Server Version 1803 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109604 | KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |
109603 | KB4103716: Windows 10 May 2018 Security Update | Nessus | Windows : Microsoft Bulletins | high |