CVE-2018-8291 – Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Confusion
https://notcve.org/view.php?id=CVE-2018-8291
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en los navegadores de Microsoft. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/45215 http://www.securityfocus.com/bid/104637 http://www.securitytracker.com/id/1041256 http://www.securitytracker.com/id/1041258 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2018-8242 – Microsoft Windows VBScript Class_Terminate Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8242
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/104620 http://www.securitytracker.com/id/1041258 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242 • CWE-787: Out-of-bounds Write •
CVE-2018-0949
https://notcve.org/view.php?id=CVE-2018-0949
A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. Existe una vulnerabilidad de omisión de la característica de seguridad cuando Microsoft Internet Explorer gestiona de manera incorrecta las peticiones relacionadas con recursos UNC. Esto también se conoce como "Internet Explorer Security Feature Bypass Vulnerability". Esto afecta a Internet Explorer 9, Internet Explorer 11 e Internet Explorer 10. • http://www.securityfocus.com/bid/104622 http://www.securitytracker.com/id/1041258 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949 •
CVE-2018-8288 – Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl
https://notcve.org/view.php?id=CVE-2018-8288
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en los navegadores de Microsoft. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/45213 http://www.securityfocus.com/bid/104636 http://www.securitytracker.com/id/1041256 http://www.securitytracker.com/id/1041258 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288 • CWE-787: Out-of-bounds Write •
CVE-2018-8296
https://notcve.org/view.php?id=CVE-2018-8296
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8298. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/104638 http://www.securitytracker.com/id/1041258 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8296 • CWE-787: Out-of-bounds Write •