Multiple vulnerabilities in Microsoft Edge and Internet Explorer

Описание

Multiple vulnerabilities were found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
2. A spoofing vulnerability in Microsoft Edge can be exploited remotely to spoof user interface.
3. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
4. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely to execute arbitrary code.
5. A memory corruption vulnerability in Microsoft Edge can be exploited remotely to execute arbitrary code.
6. A memory corruption vulnerability in Microsoft Edge can be exploited remotely to obtain sensitive information.
7. An information disclosure vulnerability in Microsoft Edge based on Edge HTML can be exploited remotely to obtain sensitive information.
8. A security feature bypass vulnerability in Scripting Engine can be exploited remotely to bypass security restrictions.

Первичный источник обнаружения

• CVE-2018-0949
  CVE-2018-8278
  CVE-2018-8242
  CVE-2018-8286
  CVE-2018-8279
  CVE-2018-8324
  CVE-2018-8294
  CVE-2018-8296
  CVE-2018-8297
  CVE-2018-8262
  CVE-2018-8125
  CVE-2018-8276
  CVE-2018-8280
  CVE-2018-8290
  CVE-2018-8274
  CVE-2018-8325
  CVE-2018-8301
  CVE-2018-8289
  CVE-2018-8288
  CVE-2018-8291
  CVE-2018-8275
  CVE-2018-8287
  CVE-2018-8298
  CVE-2018-8283
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Internet-Explorer
• Microsoft-Edge
• ChakraCore

Список CVE

• CVE-2018-0949
  warning
• CVE-2018-8278
  high
• CVE-2018-8242
  critical
• CVE-2018-8286
  critical
• CVE-2018-8279
  critical
• CVE-2018-8324
  warning
• CVE-2018-8294
  critical
• CVE-2018-8296
  critical
• CVE-2018-8297
  warning
• CVE-2018-8262
  critical
• CVE-2018-8125
  critical
• CVE-2018-8276
  warning
• CVE-2018-8280
  critical
• CVE-2018-8290
  critical
• CVE-2018-8274
  critical
• CVE-2018-8325
  warning
• CVE-2018-8301
  critical
• CVE-2018-8289
  warning
• CVE-2018-8288
  critical
• CVE-2018-8291
  critical
• CVE-2018-8275
  critical
• CVE-2018-8287
  critical
• CVE-2018-8298
  critical
• CVE-2018-8283
  critical

Список KB

• 4338830
• 4338815
• 4338825
• 4338814
• 4338818
• 4338829
• 4338819
• 4338826
• 4345421
• 4345419
• 4338816
• 4345455
• 4338831
• 4345459
• 4345420
• 4345424
• 4338821
• 4345425
• 4345418
• 4339093

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com