Описание
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Scripting Engine can be exploited remotely to obtain sensitive information.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
- An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Edge can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to execute arbitrary code.
- A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to spoof user interface.
Первичный источник обнаружения
- CVE-2018-8466
CVE-2018-8315
CVE-2018-8459
CVE-2018-8367
CVE-2018-8354
CVE-2018-8452
CVE-2018-8456
CVE-2018-8465
CVE-2018-8467
CVE-2018-8469
CVE-2018-8366
CVE-2018-8470
CVE-2018-8464
CVE-2018-8447
CVE-2018-8425
CVE-2018-8457
CVE-2018-8463
CVE-2018-8461
CVE-2018-8391
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2018-8391 critical
- CVE-2018-8466 critical
- CVE-2018-8315 warning
- CVE-2018-8459 critical
- CVE-2018-8367 critical
- CVE-2018-8354 critical
- CVE-2018-8452 warning
- CVE-2018-8456 critical
- CVE-2018-8465 critical
- CVE-2018-8467 critical
- CVE-2018-8469 warning
- CVE-2018-8366 warning
- CVE-2018-8470 warning
- CVE-2018-8464 critical
- CVE-2018-8447 critical
- CVE-2018-8425 warning
- CVE-2018-8457 critical
- CVE-2018-8463 warning
- CVE-2018-8461 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!