CVE-2018-8371: Out-of-bounds Write

May 13, 2022 (updated July 21, 2023)

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka “Scripting Engine Memory Corruption Vulnerability.” This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

References

github.com/advisories/GHSA-85j8-g29g-m326
nvd.nist.gov/vuln/detail/CVE-2018-8371
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371
web.archive.org/web/20210804005724/http://www.securityfocus.com/bid/105035
web.archive.org/web/20211205174257/http://www.securitytracker.com/id/1041483

Detect and mitigate CVE-2018-8371 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →