CVE-2018-0930 - ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how

CVE-2018-0930

Summary

ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

CVSS

Base:	7.6 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:C/A:C

refmap via4

bid	103272
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0930

Last major update

24-08-2020 - 17:37

Published

14-03-2018 - 17:29

Last modified

24-08-2020 - 17:37