CVE-2018-8464

HIGH

Description

An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge.

References

http://www.securityfocus.com/bid/105265

http://www.securitytracker.com/id/1041623

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8464

https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/

Details

Source: MITRE

Published: 2018-09-13

Updated: 2020-02-24

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.6

Severity: HIGH