CVE-2018-0874
Status: Analyzed
Last modified:
24-08-2020
Published:
14-03-2018
7.5
SUMMARY CVE-2018-0874
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.
Access CVSS3 CVE-2018-0874
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
HIGH | NETWORK | NONE | UNCHANGED | REQUIRED |
Impact CVSS3 CVE-2018-0874
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2018-0874
EPSS | 0.06392 |
---|---|
EPSS % | 0.93861 |
References | |
CWE | CWE-787 |
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |