Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2018-8353

Published: 15/08/2018 Updated: 24/08/2020
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 766
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet_explorer 11

microsoft internet_explorer 10

microsoft internet_explorer 9

Exploits

Exploit DB: Microsoft Windows - JScript RegExp.lastIndex Use-After-Free
<!-- There is a use-after-free vulnerability in jscriptdll related to how the lastIndex property of a RegExp object is handled This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied Th ...

Github Repositories

https://github.com/wherethef2ckisr0da/CVE-2018-8353-POC

Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free

CVE-2018-8353 POC Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free saurce : bugschromiumorg/p/project-zero/issues/detail?id=1506

https://github.com/whereisr0da/CVE-2018-8353-POC

Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free

CVE-2018-8353 POC Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free saurce : bugschromiumorg/p/project-zero/issues/detail?id=1506

References

CWE-416https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8353http://www.securitytracker.com/id/1041483http://www.securityfocus.com/bid/105034https://www.exploit-db.com/exploits/45279/https://nvd.nist.govhttps://github.com/wherethef2ckisr0da/CVE-2018-8353-POChttps://www.exploit-db.com/exploits/45279/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-codedCVE-2024-27202NULL pointer dereferenceCVE-2024-28075CVE-2024-33608CVE-2024-28889CVE-2024-34572template injectionCVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook