CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0856

Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.268

EPSS Ranking 96.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.6

References

http://www.securityfocus.com/bid/102880
http://www.securitytracker.com/id/1040372
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0856
http://www.securityfocus.com/bid/102880
http://www.securitytracker.com/id/1040372
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0856

Products affected by CVE-2018-0856

Microsoft » Chakracore » Version: N/A

cpe:2.3:a:microsoft:chakracore:-
Microsoft » Edge » Version: N/A

cpe:2.3:a:microsoft:edge:-
Microsoft » Windows 10 » Version: 1703

cpe:2.3:o:microsoft:windows_10:1703
Microsoft » Windows 10 » Version: 1709

cpe:2.3:o:microsoft:windows_10:1709

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0856

Products

Pricing

Contact Us