CVE-2018-8385

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-8385
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-8385.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-8385
Aliases
Published
2018-08-15T17:29:08Z
Modified
2024-10-12T04:08:52.406965Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390.

References

Affected packages

Git / github.com/microsoft/chakracore

Affected ranges

Type
GIT
Repo
https://github.com/microsoft/chakracore
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v1.*

v1.10.0
v1.10.1
v1.10.2
v1.11.0
v1.11.1
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.11.6
v1.11.7
v1.11.8
v1.11.9
v1.2.0.0
v1.2.1
v1.2.2
v1.2.3
v1.3.0
v1.3.1
v1.3.2
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.1
v1.6.2
v1.7.0
v1.7.1
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.8.0
v1.8.1
v1.8.2
v1.8.3
v1.8.4
v1.8.5