Information Disclosure Vulnerability in Microsoft Browsers and Scripting Engine
CVE-2018-8315
4.2MEDIUM
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 13 September 2018
What is CVE-2018-8315?
An information disclosure vulnerability occurs when the browser scripting engine improperly handles object types. This can lead to exposure of sensitive information to unauthorized users. The issue affects multiple versions of Microsoft’s browsers, including Internet Explorer 11, Internet Explorer 10, and Microsoft Edge, alongside the ChakraCore scripting engine. Attackers may exploit this vulnerability through crafted web content, potentially giving them access to information intended to be kept secure.
Affected Version(s)
ChakraCore ChakraCore
Internet Explorer 10 Windows Server 2012
Internet Explorer 11 Windows 10 for 32-bit Systems