Published: 14/03/2018 Updated: 24/08/2020

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0925.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 9
microsoft internet_explorer 10
microsoft internet_explorer 11

<!-- There are multiple use-after-free issues in Array methods in jscript When jscript executes an Array method (such as Arrayjoin), it first retrieves the length of an array If the input is not an array but an object, then the length property of the object is going to be retrieved and converted to scalar During this conversion, the "length" ...

Microsoft Windows suffers from multiple use-after-free issues in jscript Array methods ...

CWE-787 CWE-416 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0935 http://www.securitytracker.com/id/1040510 http://www.securityfocus.com/bid/103298 https://www.exploit-db.com/exploits/44404/https://nvd.nist.gov https://www.exploit-db.com/exploits/44404/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-0935

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect