CVE-2018-8267
published 2018-06-14


Priority: P2 · 74 · high
CVSS 3.0: 7.5 (AV:N / AC:H / PR:N / UI:R / S:U / C:H / I:H / A:H)
ITW: VulnCheck KEV, exploited in the wild
EPSS: 15.82% (96.5th percentile)

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8243.

Affected

27 ranges · showing 25

Vendor | Product | Version range | Fixed in
microsoft | internet_explorer
microsoft | internet_explorer
microsoft | internet_explorer
microsoft | internet_explorer_10
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_11
microsoft | internet_explorer_9
microsoft | internet_explorer_9
msrc | internet_explorer_10

Detection & IOCs (extracted from sources)

  • Attack vector is web-based: attacker hosts a specially crafted website exploitable through Internet Explorer, or embeds a malicious ActiveX control marked 'safe for initialization' in an application or Office document hosting the IE rendering engine.
  • Compromised websites or sites hosting user-provided content/advertisements are also a delivery vector for this IE scripting engine exploit.
  • Microsoft's own exploit assessment rates exploitation as 'More Likely' for both latest and older software releases, indicating active exploitation risk should be treated as elevated.
  • The vulnerability affects the Microsoft Scripting Engine as used in Internet Explorer; exploitation requires the victim to browse to a malicious page or open a crafted Office/application document hosting the IE rendering engine.
  • Exploitation impact is bounded by the current user's privilege level; administrative users face full system compromise, while standard users face limited but still significant code execution risk.

CVSS provenance

nvd (v3.0): 7.5 HIGH, CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd (v2.0): 7.6 HIGH, AV:N/AC:H/Au:N/C:C/I:C/A:C
ghsa: 7.5 HIGH
osv: 7.5 HIGH
vulncheck: 7.5 HIGH
vendor_msrc: 7.5 HIGH