Description
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Scripting Engine can be exploited remotely to obtain sensitive information.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
- An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Edge can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to execute arbitrary code.
- A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to spoof user interface.
Original advisories
- CVE-2018-8315
- CVE-2018-8459
- CVE-2018-8367
- CVE-2018-8354
- CVE-2018-8452
- CVE-2018-8456
- CVE-2018-8465
- CVE-2018-8467
- CVE-2018-8469
- CVE-2018-8366
- CVE-2018-8470
- CVE-2018-8464
- CVE-2018-8447
- CVE-2018-8425
- CVE-2018-8457
- CVE-2018-8463
- CVE-2018-8461
- CVE-2018-8391
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2018-8391 critical
- CVE-2018-8466 critical
- CVE-2018-8315 warning
- CVE-2018-8459 critical
- CVE-2018-8367 critical
- CVE-2018-8354 critical
- CVE-2018-8452 warning
- CVE-2018-8456 critical
- CVE-2018-8465 critical
- CVE-2018-8467 critical
- CVE-2018-8469 warning
- CVE-2018-8366 warning
- CVE-2018-8470 warning
- CVE-2018-8464 critical
- CVE-2018-8447 critical
- CVE-2018-8425 warning
- CVE-2018-8457 critical
- CVE-2018-8463 warning
- CVE-2018-8461 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!