CVE-2018-8145

Name of the Vulnerable Software and Affected Versions Internet Explorer and Microsoft Edge (affected versions not specified)

Description The issue is related to errors in handling objects in memory by the ChakraCore JavaScript engine. Exploitation of this issue could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. An information disclosure issue exists when Chakra improperly discloses the contents of its memory, potentially providing an attacker with information to further compromise a user's computer or data. To exploit the issue, an attacker must know the memory address of where the object was created.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.