CVE-2018-0891
Published 2018-03-14
Priority: P3 · 35 · medium · 4.3 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EXPLOIT
EPSS: 14.74% (96.3th percentile)
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| msrc | chakracore | — | — |
| msrc | internet_explorer_10 | — | — |
| msrc | internet_explorer_11 | — | — |
| msrc | internet_explorer_9 | — | — |
| msrc | microsoft_edge | — | — |
Detection & IOCs
- Trigger pattern: setting RegExp.input to an object with a custom toString that calls String.prototype.match, then reading RegExp.lastMatch — this is the PoC exploit pattern for the IE memory disclosure.
- The vulnerability is triggered via the scripting engine's handling of RegExp.lastMatch in Internet Explorer; monitor for JavaScript leveraging RegExp.input with a custom toString callback combined with large string allocations (e.g., Array(10000000).join) as a heap-grooming/disclosure primitive.
- Exploit delivery is web-based; attacker hosts or compromises a website to serve malicious JavaScript. Monitor for drive-by script patterns matching RegExp.lastMatch memory disclosure in IE/Edge browser telemetry.
- CVE-2018-0891 is rated 'Exploitation More Likely' for both latest and older software releases — prioritize detection on Internet Explorer 11 and Microsoft Edge on all supported Windows versions.
- PoC is not reliable — it may cause a crash instead of memory disclosure; exploit stability in weaponized versions may vary.
- The vulnerability is distinct from CVE-2018-0939, which is a separate scripting engine information disclosure; ensure detection rules target the RegExp.lastMatch vector specifically.
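A static triage check for the trigger pattern in the list above, as an added example that is not code from the advisory or from any of the cited sources. The indicator names, the verdict rule and the sample strings are assumptions made for this example; it also goes beyond the page by covering the legacy aliases `RegExp.$_` (input) and `RegExp["$&"]` (lastMatch).

```javascript
// Added example: static triage for the RegExp.input / RegExp.lastMatch pattern.
// Indicator names and the verdict rule are assumptions made for this example.
const INDICATORS = {
  // write to RegExp.input or its legacy alias RegExp.$_
  inputAssign: /RegExp\s*(?:\.\s*(?:input|\$_)|\[\s*["'](?:input|\$_)["']\s*\])\s*=(?!=)/,
  // a toString being defined (property, assignment or method shorthand), not called
  customToString: /\btoString["']?\s*(?::|=(?!=)|\([^)]*\)\s*\{)/,
  matchCall: /\.\s*match\s*\(/,
  // read of RegExp.lastMatch or its legacy alias RegExp["$&"]
  lastMatchRead: /RegExp\s*(?:\.\s*lastMatch\b|\[\s*["'](?:lastMatch|\$&)["']\s*\])/,
  // very large string allocation, e.g. Array(10000000).join
  largeAlloc: /\bArray\s*\(\s*\d{7,}\s*\)\s*\.\s*join\s*\(/,
};

function triageScript(src) {
  const hits = Object.keys(INDICATORS).filter((k) => INDICATORS[k].test(src));
  const has = (k) => hits.includes(k);
  let verdict = "clean";
  if (has("inputAssign") && has("customToString") && has("matchCall") && has("lastMatchRead")) {
    verdict = "alert"; // every element of the described trigger pattern is present
  } else if (has("inputAssign")) {
    verdict = "review"; // assumption: writes to RegExp.input are rare in legitimate code
  }
  return { verdict, hits };
}

// Constructed samples. The first is a set of elided fragments ("..." is literal),
// not a working script; the others are ordinary RegExp usage.
const SAMPLES = {
  elidedTrigger:
    "var pad = Array(10000000).join(...);\n" +
    "RegExp.input = { toString: function () { ... .match(...) ... } };\n" +
    "... RegExp.lastMatch ...",
  benign:
    'var m = "2018-03-14".match(/\\d+/);\n' +
    "console.log(RegExp.lastMatch, String(m).toString());",
  aliasOnly: 'RegExp["$_"] = "seed";',
};

for (const [name, src] of Object.entries(SAMPLES)) {
  const r = triageScript(src);
  console.log(name, r.verdict, r.hits.join(","));
}
```

String matching of this kind is defeated by obfuscated or dynamically built script, so it serves as triage alongside browser telemetry and not as the only control.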
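CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 4.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| ghsa | — | 4.3 | MEDIUM | — |
| osv | — | 4.3 | MEDIUM | — |
| vendor_msrc | — | 4.3 | MEDIUM | — |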
GHSA
GHSA-qpvj-752h-7r4r: ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2018-0891 [MEDIUM] CWE-401 GHSA-qpvj-752h-7r4r: ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939.
OSV
ChakraCore information disclosure vulnerability
osv·2022-05-13·CVSS 4.3
CVE-2018-0939 [MEDIUM] ChakraCore information disclosure vulnerability
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891.
GHSA
ChakraCore information disclosure vulnerability
ghsa·2022-05-13·CVSS 4.3
CVE-2018-0939 [MEDIUM] CWE-787 ChakraCore information disclosure vulnerability
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891.
Microsoft
Scripting Engine Information Disclosure Vulnerability
vendor_msrc·2018-03-13·CVSS 4.3
CVE-2018-0891 [MEDIUM] Scripting Engine Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an at
No detection rules found.
Talos
Microsoft Patch Tuesday - March 2018
blogs_talos·2018-03-13·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - March 2018
### Microsoft Patch Tuesday - March 2018
Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 74 new vulnerabilities, with 14 of them rated critical and 59 of them rated important. These vulnerabilities impact Internet Explorer, Edge, Exchange, Scripting Engine, Windows Shell and more.
#### Critical Vulnerabilities
This month, Microsoft is addressing 14 vulnerabilities that are rated as critical.
The vulnerabilities rated as critical are listed below:
CVE-2018-0872 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0874 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0876 - Scripting Engine Memory Corruption Vulnerabi
- http://www.securityfocus.com/bid/103309
- http://www.securitytracker.com/id/1040507
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0891
- https://www.exploit-db.com/exploits/44312/