CVE-2018-1023

Description

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

Affected products

• Microsoft / ChakraCoreChakraCore – ChakraCore
• Microsoft / Microsoft EdgeWindows 10 for x64-based Systems – Windows 10 for x64-based Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1511 for 32-bit Systems – Windows 10 Version 1511 for 32-bit Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1511 for x64-based Systems – Windows 10 Version 1511 for x64-based Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1607 for 32-bit Systems – Windows 10 Version 1607 for 32-bit Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1607 for x64-based Systems – Windows 10 Version 1607 for x64-based Systems
• Microsoft / Microsoft EdgeWindows 10 for 32-bit Systems – Windows 10 for 32-bit Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1703 for x64-based Systems – Windows 10 Version 1703 for x64-based Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1709 for 32-bit Systems – Windows 10 Version 1709 for 32-bit Systems
• Microsoft / Microsoft EdgeWindows 10 Version 1709 for x64-based Systems – Windows 10 Version 1709 for x64-based Systems
• Microsoft / Microsoft EdgeWindows Server 2016 – Windows Server 2016
• Microsoft / Microsoft EdgeWindows 10 Version 1703 for 32-bit Systems – Windows 10 Version 1703 for 32-bit Systems

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023
• MISChttp://www.securitytracker.com/id/1040650
• MISChttp://www.securityfocus.com/bid/103606