CVE-2018-8653

Status: Analyzed

Last modified: 28-09-2020

Published: 20-12-2018

7.5

SUMMARY CVE-2018-8653

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8643.

Access CVSS3 CVE-2018-8653

Attack Complexity	Attack Vector	Privileges Required	Scope	User Interaction
HIGH	NETWORK	NONE	UNCHANGED	REQUIRED

Impact CVSS3 CVE-2018-8653

Confidentiality	Integrity	Availability
HIGH	HIGH	HIGH

Details CVE-2018-8653

EPSS	0.02264
EPSS %	0.89836
References	http://www.securityfocus.com/bid/106255 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653
CWE	CWE-787
Vulnerable Configurations	cpe:2.3:a:microsoft:internet_explorer:9:::::::* cpe:2.3:a:microsoft:internet_explorer:9:::::::* cpe:2.3:o:microsoft:windows_server_2008:-:sp2:::::: cpe:2.3:o:microsoft:windows_server_2008:-:sp2:::::: cpe:2.3:a:microsoft:internet_explorer:10:::::::* cpe:2.3:a:microsoft:internet_explorer:10:::::::* cpe:2.3:o:microsoft:windows_server_2012:-:::::::* cpe:2.3:o:microsoft:windows_server_2012:-:::::::* cpe:2.3:a:microsoft:internet_explorer:11:-:::::: cpe:2.3:a:microsoft:internet_explorer:11:-:::::: cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_7:-:sp1:::::: cpe:2.3:o:microsoft:windows_7:-:sp1:::::: cpe:2.3:o:microsoft:windows_8.1:-::::pro_n::: cpe:2.3:o:microsoft:windows_8.1:-::::pro_n::: cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::* cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::* cpe:2.3:o:microsoft:windows_server_2012:r2:::::::* cpe:2.3:o:microsoft:windows_server_2012:r2:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
CVSS3 Source	nvd@nist.gov
CVSS3 Type	Primary
CVSS3 Vector	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H