CVE-2018-8380

🗓️ 15 Aug 2018 17:00:00Reported by microsoftType

A remote code execution vulnerability in Chakra scripting engine in Microsoft Edg

Reporter	Title	Published	Views	Family All 23
BDU FSTEC	The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.	23 Aug 201800:00	–	bdu_fstec
CNVD	Microsoft ChakraCore and Edge Memory Corruption Vulnerability	15 Aug 201800:00	–	cnvd
CVE	CVE-2018-8380	15 Aug 201817:00	–	cve
EUVD	EUVD-2022-5252	3 Oct 202520:07	–	euvd
Github Security Blog	ChakraCore remote code execution vulnerability	13 May 202201:20	–	github
Microsoft KB	August 14, 2018—KB4343909 (OS Build 17134.228)	14 Aug 201807:00	–	mskb
Kaspersky	KLA11306 Multiple vulnerabilities in Microsoft Browsers	14 Aug 201800:00	–	kaspersky
Microsoft CVE	Chakra Scripting Engine Memory Corruption Vulnerability	14 Aug 201807:00	–	mscve
NVD	CVE-2018-8380	15 Aug 201817:29	–	nvd
OpenVAS	Microsoft Windows Multiple Vulnerabilities (KB4343909)	15 Aug 201800:00	–	openvas

[
  {
    "product": "Microsoft Edge",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 10 Version 1803 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "Windows 10 Version 1803 for x64-based Systems"
      }
    ]
  },
  {
    "product": "ChakraCore",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "ChakraCore"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1041457
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380
securityfocus	www.securityfocus.com/bid/104979

16 Aug 2018 09:57Current

7.5High risk

Vulners AI Score7.5

EPSS0.22992