CVE-2018-0766

MEDIUM

Microsoft Edge - Information Disclosure via PDF Reader Memory Handling

Title source: llm
STIX 2.1

Description

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102388
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040100

Scores

CVSS v3 4.3
EPSS 0.0826
EPSS Percentile 94.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
microsoft/edge
Published Jan 04, 2018
Tracked Since Feb 18, 2026