Vulnerabilities > CVE-2018-8298 - Type Confusion vulnerability in Microsoft Chakracore
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type Confusion. CVE-2018-8298. Dos exploit for Windows platform. Tags: Type C... |
file | exploits/windows/dos/45217.js |
id | EDB-ID:45217 |
last seen | 2018-08-17 |
modified | 2018-08-17 |
platform | windows |
port | |
published | 2018-08-17 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/45217/ |
title | Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type Confusion |
type | dos |
Packetstorm
data source | https://packetstormsecurity.com/files/download/148985/GS20180817193510.txt |
id | PACKETSTORM:148985 |
last seen | 2018-08-18 |
published | 2018-08-17 |
reporter | Google Security Research |
source | https://packetstormsecurity.com/files/148985/Microsoft-Edge-Chakra-InitializeNumberFormat-InitializeDateTimeFormat-Type-Confusion.html |
title | Microsoft Edge Chakra InitializeNumberFormat / InitializeDateTimeFormat Type Confusion |
The Hacker News
id | THN:482268607F3476C1920BBF880270C854 |
last seen | 2018-07-10 |
modified | 2018-07-10 |
published | 2018-07-10 |
reporter | The Hacker News |
source | https://thehackernews.com/2018/07/microsoft-security-patch-update.html |
title | Microsoft Releases Patch Updates for 53 Vulnerabilities In Its Software |
References
- http://www.securityfocus.com/bid/104639
- http://www.securityfocus.com/bid/104639
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298
- https://www.exploit-db.com/exploits/45217/
- https://www.exploit-db.com/exploits/45217/