Vulnerability Details CVE-2018-0891
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.596
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/103309
- http://www.securitytracker.com/id/1040507
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0891
- https://www.exploit-db.com/exploits/44312/
- http://www.securityfocus.com/bid/103309
- http://www.securitytracker.com/id/1040507
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0891
- https://www.exploit-db.com/exploits/44312/
Products affected by CVE-2018-0891
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:a:microsoft:edge:108.0.1462.42
-
cpe:2.3:a:microsoft:edge:112.0.1722.34
-
cpe:2.3:a:microsoft:edge:114.0.1823.82
-
cpe:2.3:a:microsoft:edge:116.0.1938.98
-
cpe:2.3:a:microsoft:edge:117.0.2045.47
-
cpe:2.3:a:microsoft:edge:118.0.2088.88
-
cpe:2.3:a:microsoft:edge:122.0.2365.63
-
cpe:2.3:a:microsoft:edge:122.0.2365.92
-
cpe:2.3:a:microsoft:edge:123.0.2420.53
-
cpe:2.3:a:microsoft:edge:124.0.2478.105
-
cpe:2.3:a:microsoft:edge:124.0.2478.109
-
cpe:2.3:a:microsoft:edge:124.0.2478.121
-
cpe:2.3:a:microsoft:edge:124.0.2478.127
-
cpe:2.3:a:microsoft:edge:124.0.2478.131
-
cpe:2.3:a:microsoft:edge:124.0.2478.51
-
cpe:2.3:a:microsoft:edge:124.0.2478.67
-
cpe:2.3:a:microsoft:edge:124.0.2478.80
-
cpe:2.3:a:microsoft:edge:124.0.2478.97
-
cpe:2.3:a:microsoft:edge:125.0.2535.51
-
cpe:2.3:a:microsoft:edge:125.0.2535.67
-
cpe:2.3:a:microsoft:edge:125.0.2535.79
-
cpe:2.3:a:microsoft:edge:125.0.2535.85
-
cpe:2.3:a:microsoft:edge:125.0.2535.92
-
cpe:2.3:a:microsoft:edge:126.0.2592.102
-
cpe:2.3:a:microsoft:edge:126.0.2592.113
-
cpe:2.3:a:microsoft:edge:126.0.2592.56
-
cpe:2.3:a:microsoft:edge:126.0.2592.61
-
cpe:2.3:a:microsoft:edge:126.0.2592.68
-
cpe:2.3:a:microsoft:edge:126.0.2592.81
-
cpe:2.3:a:microsoft:edge:126.0.2592.87
-
cpe:2.3:a:microsoft:edge:127.0.2651.74
-
cpe:2.3:a:microsoft:edge:79.0.309.68
-
cpe:2.3:a:microsoft:edge:80.0.361.109
-
cpe:2.3:a:microsoft:edge:80.0.361.111
-
cpe:2.3:a:microsoft:edge:80.0.361.48
-
cpe:2.3:a:microsoft:edge:80.0.361.50
-
cpe:2.3:a:microsoft:edge:80.0.361.54
-
cpe:2.3:a:microsoft:edge:80.0.361.56
-
cpe:2.3:a:microsoft:edge:80.0.361.57
-
cpe:2.3:a:microsoft:edge:80.0.361.62
-
cpe:2.3:a:microsoft:edge:80.0.361.66
-
cpe:2.3:a:microsoft:edge:80.0.361.69
-
cpe:2.3:a:microsoft:edge:81.0.416.53
-
cpe:2.3:a:microsoft:edge:81.0.416.58
-
cpe:2.3:a:microsoft:edge:81.0.416.64
-
cpe:2.3:a:microsoft:edge:81.0.416.68
-
cpe:2.3:a:microsoft:edge:81.0.416.72
-
cpe:2.3:a:microsoft:edge:81.0.416.77
-
cpe:2.3:a:microsoft:edge:83.0.478.37
-
cpe:2.3:a:microsoft:edge:83.0.478.44
-
cpe:2.3:a:microsoft:edge:83.0.478.45
-
cpe:2.3:a:microsoft:edge:83.0.478.50
-
cpe:2.3:a:microsoft:edge:83.0.478.54
-
cpe:2.3:a:microsoft:edge:83.0.478.56
-
cpe:2.3:a:microsoft:edge:83.0.478.58
-
cpe:2.3:a:microsoft:edge:83.0.478.61
-
cpe:2.3:a:microsoft:edge:83.0.478.64
-
cpe:2.3:a:microsoft:edge:84.0.522.40
-
cpe:2.3:a:microsoft:edge:84.0.522.44
-
cpe:2.3:a:microsoft:edge:84.0.522.48
-
cpe:2.3:a:microsoft:edge:84.0.522.49
-
cpe:2.3:a:microsoft:edge:84.0.522.50
-
cpe:2.3:a:microsoft:edge:84.0.522.52
-
cpe:2.3:a:microsoft:edge:84.0.522.58
-
cpe:2.3:a:microsoft:edge:84.0.522.59
-
cpe:2.3:a:microsoft:edge:84.0.522.61
-
cpe:2.3:a:microsoft:edge:84.0.522.63
-
cpe:2.3:a:microsoft:edge:85.0.564.41
-
cpe:2.3:a:microsoft:edge:85.0.564.44
-
cpe:2.3:a:microsoft:edge:85.0.564.51
-
cpe:2.3:a:microsoft:edge:85.0.564.63
-
cpe:2.3:a:microsoft:edge:85.0.564.68
-
cpe:2.3:a:microsoft:edge:85.0.564.70
-
cpe:2.3:a:microsoft:edge:86.0.622.38
-
cpe:2.3:a:microsoft:edge:86.0.622.43
-
cpe:2.3:a:microsoft:edge:86.0.622.48
-
cpe:2.3:a:microsoft:edge:86.0.622.51
-
cpe:2.3:a:microsoft:edge:86.0.622.56
-
cpe:2.3:a:microsoft:edge:86.0.622.58
-
cpe:2.3:a:microsoft:edge:86.0.622.61
-
cpe:2.3:a:microsoft:edge:86.0.622.63
-
cpe:2.3:a:microsoft:edge:86.0.622.68
-
cpe:2.3:a:microsoft:edge:86.0.622.69
-
cpe:2.3:a:microsoft:edge:87.0.664.41
-
cpe:2.3:a:microsoft:edge:87.0.664.47
-
cpe:2.3:a:microsoft:edge:88.0.705.50
-
cpe:2.3:a:microsoft:edge:88.0.705.62
-
cpe:2.3:a:microsoft:edge:88.0.705.63
-
cpe:2.3:a:microsoft:edge:88.0.705.74
-
cpe:2.3:a:microsoft:edge:93.0.961.38
-
cpe:2.3:a:microsoft:edge:93.0.961.44
-
cpe:2.3:a:microsoft:edge:97.0.4692.99
-
cpe:2.3:a:microsoft:internet_explorer:10
-
cpe:2.3:a:microsoft:internet_explorer:11
-
cpe:2.3:a:microsoft:internet_explorer:9
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1511
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24116
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24919
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24975
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25031
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25073
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2016:20h2