Multiple vulnerabilities in Microsoft Edge and Internet Explorer

Description

Multiple vulnerabilities were found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
2. A spoofing vulnerability in Microsoft Edge can be exploited remotely to spoof user interface.
3. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
4. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely to execute arbitrary code.
5. A memory corruption vulnerability in Microsoft Edge can be exploited remotely to execute arbitrary code.
6. A memory corruption vulnerability in Microsoft Edge can be exploited remotely to obtain sensitive information.
7. An information disclosure vulnerability in Microsoft Edge based on Edge HTML can be exploited remotely to obtain sensitive information.
8. A security feature bypass vulnerability in Scripting Engine can be exploited remotely to bypass security restrictions.

Fiches de renseignement originales

• CVE-2018-0949

• CVE-2018-8278
• CVE-2018-8242
• CVE-2018-8286
• CVE-2018-8279
• CVE-2018-8324
• CVE-2018-8294
• CVE-2018-8296
• CVE-2018-8297
• CVE-2018-8262
• CVE-2018-8125
• CVE-2018-8276
• CVE-2018-8280
• CVE-2018-8290
• CVE-2018-8274
• CVE-2018-8325
• CVE-2018-8301
• CVE-2018-8289
• CVE-2018-8288
• CVE-2018-8291
• CVE-2018-8275
• CVE-2018-8287
• CVE-2018-8298
• CVE-2018-8283

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Produits associés

• Microsoft-Internet-Explorer
• Microsoft-Edge
• ChakraCore

Liste CVE

• CVE-2018-0949
  high
• CVE-2018-8278
  high
• CVE-2018-8242
  critical
• CVE-2018-8286
  critical
• CVE-2018-8279
  critical
• CVE-2018-8324
  warning
• CVE-2018-8294
  critical
• CVE-2018-8296
  critical
• CVE-2018-8297
  warning
• CVE-2018-8262
  critical
• CVE-2018-8125
  critical
• CVE-2018-8276
  high
• CVE-2018-8280
  critical
• CVE-2018-8290
  critical
• CVE-2018-8274
  critical
• CVE-2018-8325
  warning
• CVE-2018-8301
  critical
• CVE-2018-8289
  warning
• CVE-2018-8288
  critical
• CVE-2018-8291
  critical
• CVE-2018-8275
  critical
• CVE-2018-8287
  critical
• CVE-2018-8298
  critical
• CVE-2018-8283
  critical

Liste KB

• 4338830
• 4338815
• 4338825
• 4338814
• 4338818
• 4338829
• 4338819
• 4338826
• 4345421
• 4345419
• 4338816
• 4345455
• 4338831
• 4345459
• 4345420
• 4345424
• 4338821
• 4345425
• 4345418
• 4339093

En savoir plus

Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com