|
|||
Rule General Information |
---|
Release Date: | 2019-06-20 | |
Rule Name: | Microsoft Edge Chakra BoxStackInstance Stack to Heap Copy Vulnerability (CVE-2018-0776) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781. | |
Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
Reference: | SecurityFocusBID:102401 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776 SecurityTrackerID:1040100 ExploitDB:43723 |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776 |