RULE(RULE ID:321881)

Rule General Information
Release Date: 2019-06-20
Rule Name: Microsoft Edge Chakra BoxStackInstance Stack to Heap Copy Vulnerability (CVE-2018-0776)
Severity:
CVE ID:
Rule Protection Details
Description: Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others
Reference: SecurityFocusBID:102401
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776
SecurityTrackerID:1040100
ExploitDB:43723
Solutions
The vendors have released upgrade patches to fix vulnerabilities, please visit:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776