CVE-2018-8463
Summary
| CVE | CVE-2018-8463 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-09-13 00:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Edge | - | All | All | All |
| Application | Microsoft | Edge | - | All | All | All |
| Operating System | Microsoft | Windows 10 | 1803 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1803 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463 | CONFIRM | portal.msrc.microsoft.com | Patch, Vendor Advisory |
| Microsoft Edge - Sandbox Escape - Windows remote Exploit | EXPLOIT-DB | www.exploit-db.com | Third Party Advisory, VDB Entry |
| Microsoft Edge Multiple Bugs Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Gain Elevated Privileges, and Spoof Content on the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Microsoft Edge CVE-2018-8463 Remote Privilege Escalation Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.