Vulnerability Details CVE-2018-8452
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.0%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/105252
- http://www.securitytracker.com/id/1041623
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452
- http://www.securityfocus.com/bid/105252
- http://www.securitytracker.com/id/1041623
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452
Products affected by CVE-2018-8452
-
cpe:2.3:a:microsoft:chakracore:-
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:a:microsoft:internet_explorer:11
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1511
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_10:2004
-
cpe:2.3:o:microsoft:windows_10:2019
-
cpe:2.3:o:microsoft:windows_10:20h2
-
cpe:2.3:o:microsoft:windows_10:21h1
-
cpe:2.3:o:microsoft:windows_10:21h2
-
cpe:2.3:o:microsoft:windows_10:22h2
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-