CVE-2018-8275

Опубликовано: 11 июл. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 7.6

EPSS Средний

Описание

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301.

Ссылки

http://www.securityfocus.com/bid/104632
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041256
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104632
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041256
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*

Версия до 1.10.0 (включая)

EPSS

Процентиль: 96%

0.28197

Средний

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-8275

CVSS3: 4.2

msrc

около 7 лет назад

Microsoft Edge Memory Corruption Vulnerability

GHSA-wh43-qhcc-2p2j