7.5
CVSSv3

CVE-2018-8355

Published: 15/08/2018 Updated: 21/11/2024

Vulnerability Summary

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet explorer 11

microsoft chakracore -

microsoft edge -

Exploits

/* A call to the StringprototypelocaleCompare method can be inlineed when it only takes one argument There are two versions of StringprototypelocaleCompare, one [1] is written in JavaScript and the other [2] is written in C++ which just calls the JavaScript version when Intl enabled without updating ImplicitCallFlags Since JavaScript code cou ...
Microsoft Edge Chakra JIT suffers from a type confusion vulnerability in localeCompare ...