Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11388
Multiple vulnerabilities in Microsoft Browsers

Updated: 07/22/2020
Detect date
?
 12/11/2018
Severity
?
 Critical
Description

Multiple serious vulnerabilities were found in Microsoft Browsers Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  2. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  3. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  4. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  5. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
  6. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  7. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  8. A remote code execution vulnerability in Internet Explorer can be exploited remotely via specially crafted content to execute arbitrary code.
  9. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
Affected products

Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Microsoft Edge
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

CVE-2018-8583
CVE-2018-8624
CVE-2018-8643
CVE-2018-8617
CVE-2018-8631
CVE-2018-8625
CVE-2018-8629
CVE-2018-8619
CVE-2018-8618
Impacts
?
ACE 
[?]
Related products
 Microsoft Internet Explorer
Microsoft Edge
CVE-IDS
?
CVE-2018-85837.6Critical
CVE-2018-86247.6Critical
CVE-2018-86297.6Critical
CVE-2018-86177.6Critical
CVE-2018-86187.6Critical
CVE-2018-86437.6Critical
CVE-2018-86317.6Critical
CVE-2018-86257.6Critical
CVE-2018-86197.6Critical
KB list

4471329
4471323
4471324
4471327
4471321
4471332
4471320
4471330
4471318
4470199
Microsoft official advisories
 Microsoft Security Update Guide
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/46202

https://www.exploit-db.com/exploits/46001

https://www.exploit-db.com/exploits/46022

https://www.exploit-db.com/exploits/46023
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up