CVE-2018-8373: Microsoft Scripting Engine Memory Corruption Vulnerability
First published: Wed Aug 15 2018(Updated: )
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Explorer | ||
| All of | ||
| Internet Explorer | =11 | |
| Any of | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| All of | ||
| Internet Explorer | =10 | |
| Microsoft Windows Server | ||
| All of | ||
| Internet Explorer | =9 | |
| Microsoft Windows Server | =sp2 | |
| Internet Explorer | =11 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Internet Explorer | =10 | |
| Microsoft Windows Server | ||
| Internet Explorer | =9 | |
| Microsoft Windows Server | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-8373?
CVE-2018-8373 is categorized as a critical remote code execution vulnerability affecting Internet Explorer.
How do I fix CVE-2018-8373?
To fix CVE-2018-8373, update Internet Explorer to the latest security patches provided by Microsoft.
Which versions of Internet Explorer are affected by CVE-2018-8373?
CVE-2018-8373 affects Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.
What impact can CVE-2018-8373 have on my system?
CVE-2018-8373 allows attackers to execute arbitrary code on affected systems, leading to potential data loss or theft.
Is there any workaround for CVE-2018-8373?
Currently, the most effective workaround for CVE-2018-8373 is to use an alternative browser until the vulnerability is patched.
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/remedy
- agent/first-publish-date
- agent/references
- agent/author
- agent/event
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft internet explorer
- canonical/internet explorer
- version/internet explorer/11
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt
- canonical/microsoft windows server
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- version/internet explorer/10
- version/internet explorer/9
- version/microsoft windows server/sp2