This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Class_Terminate methods. By performing actions in VBScript, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174

checkpoint_advisories 1

symantec 1

fireeye 4

malwarebytes 16

prion 1

zdi 2

krebs 1

cve 1

zdt 1

myhack58 5

securelist 9

packetstorm 1

hackread 1

cisa_kev 1

attackerkb 1

mscve 1

googleprojectzero 1

srcincite 2

talosblog 3

mskb 12

threatpost 2

githubexploit 1

thn 3

qualysblog 4

cisa 1

nessus 9

kaspersky 2

openvas 7

avleonov 1

trendmicroblog 1

checkpoint_advisories

Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8174)

2018-05-08 00:00:00

symantec

Microsoft Internet Explorer VBScript Engine CVE-2018-8174 Arbitrary Code Execution Vulnerability

2018-04-23 00:00:00

fireeye

Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware

2018-09-06 11:00:00

Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents

2020-05-07 00:00:00

RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

2018-06-28 12:00:00

malwarebytes

Maze: the ransomware that introduced an extra twist

2020-05-29 15:00:00

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

2018-09-26 17:13:26

Exploit kits: fall 2018 review

2018-10-24 16:10:54

prion

Remote code execution

2018-05-09 19:29:00

zdi

Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability

2018-06-05 00:00:00

Microsoft Windows VBScript Class_Terminate Invalid Object Access Remote Code Execution Vulnerability

2018-06-26 00:00:00

krebs

Microsoft Patch Tuesday, May 2018 Edition

2018-05-08 20:38:16

cve

CVE-2018-8174

2018-05-09 19:29:00

zdt

Microsoft Internet Explorer 11 #InternetExplorer #IE (#Windows7 x64/x86) - vbscript Code Execution E

2018-05-24 00:00:00

myhack58

The Windows VBScript Engine RCE vulnerability of CVE-2018-8174 analysis and use-vulnerability and early warning-the black bar safety net

2018-11-08 00:00:00

To see the Hidden Bee how to use a new vulnerability propagation-vulnerability warning-the black bar safety net

2018-08-07 00:00:00

Use CVE-2018-8373 0day vulnerabilities the attacks the Darkhotel gang-related analysis-vulnerability warning-the black bar safety net

2018-08-18 00:00:00

securelist

CactusPete APT group’s updated Bisonal backdoor

2020-08-13 10:00:09

Delving deep into VBScript

2018-07-03 13:00:13

IT threat evolution Q2 2018

2018-08-06 10:00:53

packetstorm

Microsoft Internet Explorer 11 Vbscript Code Execution

2018-05-24 00:00:00

hackread

New backdoor malware hits Slack and Github platforms

2019-03-08 15:56:09

cisa_kev

Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability

2022-02-15 00:00:00

attackerkb

CVE-2018-8174

2018-05-09 00:00:00

mscve

Windows VBScript Engine Remote Code Execution Vulnerability

2018-05-08 07:00:00

googleprojectzero

On VBScript

2018-12-19 00:00:00

srcincite

SRC-2019-0009 : Foxit Reader SDK ActiveX Launch Action New Window Command Injection Remote Code Execution Vulnerability

2018-11-20 00:00:00

SRC-2019-0010 : Foxit Reader SDK ActiveX URI Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability

2018-11-20 00:00:00

talosblog

Welcome Spelevo: New exploit kit full of old tricks

2019-06-27 13:27:21

Multiple Cobalt Personality Disorder

2018-07-31 09:38:00

Microsoft Patch Tuesday - May 2018

2018-05-08 12:02:00

mskb

Description of the security update for vulnerabilities in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018

2018-05-08 07:00:00

May 8, 2018—KB4103726 (Security-only update)

2018-05-08 07:00:00

May 8, 2018—KB4103712 (Security-only update)

2018-05-08 07:00:00

threatpost

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

2018-08-20 16:39:26

May Patch Tuesday Fixes Two Bugs Under Active Attack

2018-05-08 20:42:20

githubexploit

Exploit for Out-of-bounds Write in Microsoft

2019-05-23 10:28:40

thn

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

2022-06-22 05:41:00

Microsoft Patches Two Zero-Day Flaws Under Active Attack

2018-05-09 06:14:00

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

2023-02-27 15:33:00

qualysblog

May 2018 Patch Tuesday – Medium Weight, However One Active Exploit Needs Attention

2018-05-08 18:20:24

Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking

2019-12-27 18:01:22

Qualys Top 20 Most Exploited Vulnerabilities

2023-09-04 14:00:00

cisa

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

2022-02-15 00:00:00

nessus

Security Updates for Windows Server 2008 (May 2018)

2018-05-09 00:00:00

KB4103726: Windows Server 2012 May 2018 Security Update

2018-05-08 00:00:00

KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update

2018-05-08 00:00:00

kaspersky

KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)

2018-05-08 00:00:00

KLA11241 Multiple vulnerabilities in Microsoft Windows

2018-05-08 00:00:00

openvas

Microsoft Windows Multiple Vulnerabilities (KB4103718)

2018-05-09 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4103725)

2018-05-09 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4103723)

2018-05-09 00:00:00

avleonov

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

2023-09-30 19:31:42

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 7, 2018

2018-05-11 15:37:20

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON

Related for ZDI-18-591