Published: 13/09/2018 Updated: 03/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.4 | Impact Score: 4 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an malicious user to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft edge -

1 Content process -> Privileged content process (first_stagejs) When spawning a new Edge content process, its privilege is determined by its URL This URL check is performed by the LCIEUrlPolicy::GetPICForPrivilegedInternalPage method in eModeldll The method calls several another methods to check the URL One of them EdgeUrlUtils::IsAboutFla ...

NVD-CWE-noinfo https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463 http://www.securitytracker.com/id/1041623 http://www.securityfocus.com/bid/105260 https://www.exploit-db.com/exploits/45502/https://nvd.nist.gov https://www.exploit-db.com/exploits/45502/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-8463

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect