Search

Find a vulnerability

Search criteria

    181 vulnerabilities found for Microsoft Edge by Microsoft Corporation

    CVE-2018-0893 (GCVE-0-2018-0893)

    Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-16 20:22
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/103288 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              },
              {
                "name": "103288",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103288"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            },
            {
              "name": "103288",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103288"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0893",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                },
                {
                  "name": "103288",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103288"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0893",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:22:50.380Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0889 (GCVE-0-2018-0889)

    Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-16 19:35
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040510 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/103295 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.016Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040510",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040510"
              },
              {
                "name": "103295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103295"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "1040510",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040510"
            },
            {
              "name": "103295",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103295"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0889",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040510",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040510"
                },
                {
                  "name": "103295",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103295"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0889",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:19.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0879 (GCVE-0-2018-0879)

    Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 02:57
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/103303 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "103303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103303"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "103303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103303"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0879",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "103303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103303"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0879",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:57:53.163Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0876 (GCVE-0-2018-0876)

    Vulnerability from nvd – Published: 2018-03-14 17:00 – Updated: 2024-09-17 00:46
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/103289 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.109Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
              },
              {
                "name": "103289",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103289"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
            },
            {
              "name": "103289",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103289"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0876",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
                },
                {
                  "name": "103289",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103289"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0876",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:46:15.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0861 (GCVE-0-2018-0861)

    Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-16 17:38
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866.
    Severity
    No CVSS data available.
    CWE
    • Critical
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102884 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.148Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
              },
              {
                "name": "102884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102884"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Critical",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
            },
            {
              "name": "102884",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102884"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0861",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Critical"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
                },
                {
                  "name": "102884",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102884"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0861",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:38:57.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0839 (GCVE-0-2018-0839)

    Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-16 19:55
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.
    Severity
    No CVSS data available.
    CWE
    • Important
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102860 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1703
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102860"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1703"
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0763."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Important",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102860",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102860"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1703"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0763."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Important"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102860",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102860"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0839",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:55:51.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0771 (GCVE-0-2018-0771)

    Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:30
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass".
    Severity
    No CVSS data available.
    CWE
    • Moderate
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102857 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102857",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102857"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka \"Microsoft Edge Security Feature Bypass\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Moderate",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102857",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102857"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0771",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka \"Microsoft Edge Security Feature Bypass\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Moderate"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102857",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102857"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0771",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:30:57.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0763 (GCVE-0-2018-0763)

    Vulnerability from nvd – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:22
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839.
    Severity
    No CVSS data available.
    CWE
    • Critical
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102873 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1703 and 1709.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.360Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
              },
              {
                "name": "102873",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102873"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1703 and 1709."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0839."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Critical",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
            },
            {
              "name": "102873",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102873"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1703 and 1709."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0839."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Critical"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
                },
                {
                  "name": "102873",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102873"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0763",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:22:34.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0803 (GCVE-0-2018-0803)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 23:41
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Elevation of Privilege
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102384 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.391Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102384",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102384"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka \"Microsoft Edge Elevation of Privilege Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102384",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102384"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0803",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka \"Microsoft Edge Elevation of Privilege Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102384",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102384"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0803",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:41:27.406Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0800 (GCVE-0-2018-0800)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-17 00:06
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102392 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800"
              },
              {
                "name": "102392",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102392"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800"
            },
            {
              "name": "102392",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102392"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0800",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800"
                },
                {
                  "name": "102392",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102392"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0800",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:06:29.793Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0781 (GCVE-0-2018-0781)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 17:49
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102404 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102404",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102404"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102404",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102404"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0781",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102404",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102404"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0781",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:49:10.124Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0780 (GCVE-0-2018-0780)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 19:47
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/43720/ exploitx_refsource_EXPLOIT-DB
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102389 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43720",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43720/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102389",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102389"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "43720",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43720/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102389",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102389"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0780",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43720",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43720/"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102389",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102389"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0780",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:47:29.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0778 (GCVE-0-2018-0778)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 22:30
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102403 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.379Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778"
              },
              {
                "name": "102403",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102403"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778"
            },
            {
              "name": "102403",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102403"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0778",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778"
                },
                {
                  "name": "102403",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102403"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0778",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:30:20.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0777 (GCVE-0-2018-0777)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 17:19
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102402 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://www.exploit-db.com/exploits/43718/ exploitx_refsource_EXPLOIT-DB
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.331Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102402",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102402"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "43718",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43718/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102402",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102402"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "43718",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43718/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0777",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102402",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102402"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "43718",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43718/"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0777",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:19:14.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0776 (GCVE-0-2018-0776)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 17:24
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://www.exploit-db.com/exploits/43723/ exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/102401 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.329Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "43723",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43723/"
              },
              {
                "name": "102401",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102401"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "43723",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43723/"
            },
            {
              "name": "102401",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102401"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0776",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "43723",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43723/"
                },
                {
                  "name": "102401",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102401"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0776",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:24:13.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0775 (GCVE-0-2018-0775)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-17 00:02
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/43717/ exploitx_refsource_EXPLOIT-DB
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102400 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.356Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43717",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43717/"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775"
              },
              {
                "name": "102400",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102400"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "43717",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43717/"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775"
            },
            {
              "name": "102400",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102400"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0775",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43717",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43717/"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775"
                },
                {
                  "name": "102400",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102400"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0775",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:02:07.121Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0774 (GCVE-0-2018-0774)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 19:31
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/43715/ exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/102399 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.449Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774"
              },
              {
                "name": "43715",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43715/"
              },
              {
                "name": "102399",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102399"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774"
            },
            {
              "name": "43715",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43715/"
            },
            {
              "name": "102399",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102399"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0774",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774"
                },
                {
                  "name": "43715",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43715/"
                },
                {
                  "name": "102399",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102399"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0774",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:31:41.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0773 (GCVE-0-2018-0773)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 23:20
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102398 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.377Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102398",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102398"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102398",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102398"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0773",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102398",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102398"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0773",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:20:28.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0770 (GCVE-0-2018-0770)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-17 03:58
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/44075/ exploitx_refsource_EXPLOIT-DB
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102397 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.394Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "44075",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/44075/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102397",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102397"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-17T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "44075",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/44075/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102397",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102397"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "44075",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/44075/"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102397",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102397"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0770",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:58:54.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0769 (GCVE-0-2018-0769)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 22:15
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102396 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    https://www.exploit-db.com/exploits/43710/ exploitx_refsource_EXPLOIT-DB
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.380Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102396",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102396"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "43710",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43710/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-19T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102396",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102396"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "43710",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43710/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0769",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102396",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102396"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "43710",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43710/"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0769",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:15:40.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0768 (GCVE-0-2018-0768)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-17 02:56
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102395 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102395",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102395"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-05T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102395",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102395"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0768",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102395",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102395"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0768",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:56:54.679Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0767 (GCVE-0-2018-0767)

    Vulnerability from nvd – Published: 2018-01-04 14:00 – Updated: 2024-09-16 17:48
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040100 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/102393 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/43522/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.454Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767"
              },
              {
                "name": "1040100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040100"
              },
              {
                "name": "102393",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102393"
              },
              {
                "name": "43522",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43522/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-13T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767"
            },
            {
              "name": "1040100",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040100"
            },
            {
              "name": "102393",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102393"
            },
            {
              "name": "43522",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43522/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-01-03T00:00:00",
              "ID": "CVE-2018-0767",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user\u0027s system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767"
                },
                {
                  "name": "1040100",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040100"
                },
                {
                  "name": "102393",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102393"
                },
                {
                  "name": "43522",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43522/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0767",
        "datePublished": "2018-01-04T14:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:48:20.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0876 (GCVE-0-2018-0876)

    Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 00:46
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/103289 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.109Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
              },
              {
                "name": "103289",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103289"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
            },
            {
              "name": "103289",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103289"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0876",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0876"
                },
                {
                  "name": "103289",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103289"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0876",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:46:15.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0879 (GCVE-0-2018-0879)

    Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-17 02:57
    VLAI
    Summary
    Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/103303 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Windows 10 1709
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "103303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103303"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows 10 1709"
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "103303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103303"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0879",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows 10 1709"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "103303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103303"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0879"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0879",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:57:53.163Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0889 (GCVE-0-2018-0889)

    Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-16 19:35
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040510 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/103295 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.016Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040510",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040510"
              },
              {
                "name": "103295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103295"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "1040510",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040510"
            },
            {
              "name": "103295",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103295"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0889",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040510",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040510"
                },
                {
                  "name": "103295",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103295"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0889"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0889",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:35:19.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0893 (GCVE-0-2018-0893)

    Vulnerability from cvelistv5 – Published: 2018-03-14 17:00 – Updated: 2024-09-16 20:22
    VLAI
    Summary
    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040507 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/103288 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
              },
              {
                "name": "1040507",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040507"
              },
              {
                "name": "103288",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103288"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-15T09:57:02.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
            },
            {
              "name": "1040507",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040507"
            },
            {
              "name": "103288",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103288"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-03-14T00:00:00",
              "ID": "CVE-2018-0893",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0893"
                },
                {
                  "name": "1040507",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040507"
                },
                {
                  "name": "103288",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103288"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0893",
        "datePublished": "2018-03-14T17:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:22:50.380Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0763 (GCVE-0-2018-0763)

    Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 03:22
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839.
    Severity
    No CVSS data available.
    CWE
    • Critical
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102873 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1703 and 1709.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.360Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
              },
              {
                "name": "102873",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102873"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1703 and 1709."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0839."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Critical",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
            },
            {
              "name": "102873",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102873"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1703 and 1709."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0839."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Critical"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763"
                },
                {
                  "name": "102873",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102873"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0763",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:22:34.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0861 (GCVE-0-2018-0861)

    Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-16 17:38
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866.
    Severity
    No CVSS data available.
    CWE
    • Critical
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102884 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.148Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
              },
              {
                "name": "102884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102884"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Critical",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
            },
            {
              "name": "102884",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102884"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0861",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Critical"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861"
                },
                {
                  "name": "102884",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102884"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0861",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:38:57.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0839 (GCVE-0-2018-0839)

    Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-16 19:55
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.
    Severity
    No CVSS data available.
    CWE
    • Important
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102860 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1703
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102860"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1703"
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0763."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Important",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102860",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102860"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1703"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0763."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Important"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102860",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102860"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0839",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:55:51.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0771 (GCVE-0-2018-0771)

    Vulnerability from cvelistv5 – Published: 2018-02-15 02:00 – Updated: 2024-09-17 00:30
    VLAI
    Summary
    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass".
    Severity
    No CVSS data available.
    CWE
    • Moderate
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/102857 vdb-entryx_refsource_BID
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1040372 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Edge Affected: Microsoft Windows 10 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2018-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:35:49.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102857",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102857"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
              },
              {
                "name": "1040372",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040372"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Edge",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2018-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka \"Microsoft Edge Security Feature Bypass\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Moderate",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-15T10:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "102857",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102857"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
            },
            {
              "name": "1040372",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040372"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2018-02-13T00:00:00",
              "ID": "CVE-2018-0771",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Edge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka \"Microsoft Edge Security Feature Bypass\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Moderate"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102857",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102857"
                },
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771"
                },
                {
                  "name": "1040372",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040372"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2018-0771",
        "datePublished": "2018-02-15T02:00:00.000Z",
        "dateReserved": "2017-12-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:30:57.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }