Lucene search
K

15 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:20 a.m.36 views

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.4AI score0.14443EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2018/11/19 12:0 a.m.286 views

Microsoft Edge Chakra OP_Memset Type Confusion

Microsoft Edge: Chakra: Type confusion with OPMemset Microsoft Edge: Chakra: Type confusion with OPMemset Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But i...

7.6CVSS0.2AI score0.24766EPSS
Exploits4
exploitpack
exploitpack
added 2018/11/19 12:0 a.m.30 views

Microsoft Edge Chakra - OP_Memset Type Confusion

Microsoft Edge Chakra - OPMemset Type Confusion / Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But it doesn't check the "value" argument to OPMemset. This c...

7.6CVSS0.1AI score0.24766EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/11/19 12:0 a.m.42 views

Microsoft Edge Chakra - OP_Memset Type Confusion

/ Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But it doesn't check the "value" argument to OPMemset. This can be exploited in the same way as for issue 158...

7.6CVSS7AI score0.24766EPSS
Exploits4
0day.today
0day.today
added 2018/11/19 12:0 a.m.48 views

Microsoft Edge Chakra - OP_Memset Type Confusion Exploit

Exploit for windows platform in category dos / poc Microsoft Edge Chakra - OPMemset Type Confusion / Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But it...

7AI score0.24766EPSS
Exploits4
NVD
NVD
added 2018/08/15 5:29 p.m.23 views

CVE-2018-8372

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353,...

7.6CVSS7.7AI score0.24766EPSS
Exploits4References3
Prion
Prion
added 2018/08/15 5:29 p.m.34 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References3Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.23 views

Remote code execution

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353,...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References4Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.20 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References3Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.30 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

7.6CVSS7.6AI score0.68242EPSS
Exploits10References3Affected Software1
Prion
Prion
added 2018/08/15 5:29 p.m.28 views

Remote code execution

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372,...

7.6CVSS7.7AI score0.68242EPSS
Exploits10References3
Cvelist
Cvelist
added 2018/08/15 5:0 p.m.29 views

CVE-2018-8372

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353,...

6.8AI score0.24766EPSS
Exploits4References3
CVE
CVE
added 2018/08/15 5:0 p.m.255 views

CVE-2018-8372

Microsoft Edge Chakra (ChakraCore) and Internet Explorer are affected by a remote code execution vulnerability in the scripting engine due to memory-object handling issues. The CVE-2018-8372 family (and related CVEs) describes a memory-corruption flaw that enables code execution via crafted objec...

7.6CVSS6.8AI score0.24766EPSS
In wildExploits4References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/08/15 12:0 a.m.34 views

CVE-2018-8372

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka “Scripting Engine Memory Corruption Vulnerability.” This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353,...

7.6CVSS6.9AI score0.68242EPSS
In wildExploits10References5
Check Point Advisories
Check Point Advisories
added 2018/08/14 12:0 a.m.4 views

Microsoft Browser Scripting Engine Memory Corruption (CVE-2018-8372)

A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5AI score0.24766EPSS
Exploits4
Rows per page
Query Builder