CVE-2018-0800: Infoleak
First published: Thu Jan 04 2018(Updated: )
Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Chakra | <=1.7.6 | |
| Microsoft Edge Beta | ||
| Microsoft Windows 10 | =1709 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-0800?
CVE-2018-0800 has a severity rating of important as it allows for information disclosure.
How do I fix CVE-2018-0800?
To fix CVE-2018-0800, ensure that your Microsoft Edge and ChakraCore are updated to the latest versions.
Which software is affected by CVE-2018-0800?
CVE-2018-0800 affects Microsoft Edge and versions of ChakraCore up to 1.7.6 on Windows 10 1709.
Can CVE-2018-0800 be exploited remotely?
Yes, CVE-2018-0800 can potentially be exploited remotely by an attacker.
What type of vulnerability is CVE-2018-0800?
CVE-2018-0800 is classified as an information disclosure vulnerability within the scripting engine.
- agent/type
- agent/author
- agent/remedy
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft chakra
- version/microsoft chakra/1.7.6
- canonical/microsoft edge beta
- canonical/microsoft windows 10
- version/microsoft windows 10/1709