Published: 09/05/2018 Updated: 24/08/2020

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 676

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft edge -
microsoft chakracore

It's 2018, and a webpage can still pwn your Windows PC – and apps can escape Hyper-V

The Register • Chris Williams, Editor in Chief • 09 May 2018

Scores of bugs, from Edge and Office to kernel code to Adobe Flash, need fixing ASAP

Patch Tuesday Microsoft and Adobe have patched a bunch of security bugs in their products that can be exploited by hackers to commandeer vulnerable computers, siphon people's personal information, and so on. Redmond emitted 68 patches alone, 21 rated critical and at least two being actively exploited in the wild. There are browser and kernel patches you should look into first, check out an Office 365 email filter bypass that isn't addressed, then Hyper-V if you're using that, and then the rest. ...

CVE-2018-8130

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect