CVE-2018-8301 — Out-of-bounds Write in Microsoft Chakracore
Severity
7.5HIGHNVD
EPSS
53.7%
top 2.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 11
Latest updateMay 13
Description
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9
Affected Packages3 packages
Patches
🔴Vulnerability Details
13GHSA▶
GHSA-fgfh-24j7-9r3h: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab↗2022-05-13
GHSA▶
GHSA-4w7p-x83q-gm7p: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab↗2022-05-13
GHSA▶
GHSA-wh43-qhcc-2p2j: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab↗2022-05-13
GHSA▶
GHSA-qx2v-2m6g-2vh6: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab↗2022-05-13
GHSA▶
GHSA-44vf-4hm9-43gf: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerab↗2022-05-13