CVE-2018-0836
Status: Analyzed
Last modified:
24-08-2020
Published:
15-02-2018
7.5
SUMMARY CVE-2018-0836
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
Access CVSS3 CVE-2018-0836
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
HIGH | NETWORK | NONE | UNCHANGED | REQUIRED |
Impact CVSS3 CVE-2018-0836
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2018-0836
EPSS | 0.06392 |
---|---|
EPSS % | 0.93861 |
References | |
CWE | CWE-787 |
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |