CVE-2018-0835

Name of the Vulnerable Software and Affected Versions Microsoft Edge (affected versions not specified) ChakraCore (affected versions not specified)

Description The issue is related to the incorrect handling of objects in memory by the scripting engine in Microsoft Edge and the ChakraCore JavaScript engine handler. This could allow a remote attacker to corrupt memory and execute arbitrary code using a specially crafted web page. If the current user has administrative rights, a successful exploitation could lead to the attacker gaining control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Edge, update to a version that includes the fix for this issue. For ChakraCore, apply the necessary configuration changes or patches to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to potentially vulnerable web pages until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.