CVE-2018-8373

HIGH KEV

Internet Explorer <11 - Memory Corruption

Title source: llm

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

Exploits (1)

github 34 stars

by DarkFunct · cpoc

https://github.com/DarkFunct/CVE_Exploits/tree/main/CVE-2018-8373

References (4)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105037

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1041483

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8373

Scores

CVSS v3 7.5

EPSS 0.8249

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-25

VulnCheck KEV 2018-07-11

InTheWild.io 2018-07-11

ENISA EUVD EUVD-2018-20017

CWE

CWE-787

Status published

Products (3)

microsoft/internet_explorer 11

microsoft/internet_explorer 10

microsoft/internet_explorer 9

Published Aug 15, 2018

KEV Added Mar 25, 2022

Tracked Since Feb 18, 2026