Lucene search
AkaynZDI-18-433HistoryMay 14, 2018 - 12:00 a.m.
Microsoft Edge OutputElement DoReset Use-After-Free Information Disclosure Vulnerability
2018-05-1400:00:00
akayn
www.zerodayinitiative.com
8
EPSS
0.004
Percentile
72.5%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within OutputElement::DoReset. By manipulating a documentâs elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Related
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Memory Corruption (CVE-2018-8123)
2018-05-08 00:00:00
symantec
symantec
Microsoft Edge CVE-2018-8123 Remote Memory Corruption Vulnerability
2018-05-08 00:00:00
mscve
mscve
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
2018-05-08 07:00:00
nvd
nvd
CVE-2018-1021
2018-05-09 19:29:00
CVE-2018-8123
2018-05-09 19:29:01
cve
cve
CVE-2018-8123
2018-05-09 19:29:01
CVE-2018-1021
2018-05-09 19:29:00
cvelist
cvelist
CVE-2018-1021
2018-05-09 19:00:00
CVE-2018-8123
2018-05-09 19:00:00
prion
prion
Information disclosure
2018-05-09 19:29:00
Information disclosure
2018-05-09 19:29:00
kaspersky
kaspersky
KLA11247 Multiple vulnerabilities in Microsoft Browsers
2018-05-08 00:00:00
nessus
nessus
mskb
mskb
May 8, 2018âKB4103727 (OS Build 16299.431)
2018-05-08 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103727)
2018-05-09 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - May 2018
2018-05-08 12:02:00
trendmicroblog
trendmicroblog