Id:
CVE-2018-8552
Comment
:
An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Windows Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
CVSSv2 Score:
7.6
Access vector:
|
NETWORK
|
Access complexity:
|
HIGH
|
Authentication:
|
NONE
|
Confidentiality impact:
|
COMPLETE
|
Integrity impact:
|
COMPLETE
|
Availability impact:
|
COMPLETE
|
CVSSv2 Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.5
Attack vector:
|
NETWORK
|
Attack complexity:
|
HIGH
|
Privileges required:
|
NONE
|
User interaction:
|
REQUIRED
|
Scope:
|
UNCHANGED
|
Confidentiality impact:
|
HIGH
|
Integrity impact:
|
HIGH
|
Availability impact:
|
HIGH
|
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References: