PT-2018-1491 · Microsoft · Edge+2

James Lee

Published

2018-08-14

Updated

2019-10-03

CVE-2018-8357

CVSS v3.1

8.3

High

Vector

AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Internet Explorer 11 Microsoft Edge

Description An elevation of privilege issue exists in Microsoft browsers, allowing sandbox escape. This could enable an attacker to elevate privileges on an affected system. The vulnerability by itself does not allow arbitrary code execution but could be used in combination with another vulnerability to run arbitrary code.

Recommendations For Internet Explorer 11, update to a version that includes the fix for this issue. For Microsoft Edge, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-265

Related Identifiers

BDU:2018-01042

CVE-2018-8357

Affected Products

Edge

Internet Explorer

Internet Explorer 11

PT-2018-1491 · Microsoft · Edge+2

CVE-2018-8357

Weakness Enumeration

Related Identifiers

Affected Products

References · 8