[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Edge Security Feature Bypass Vulnerability - CVE-2018-8512

ID: oval:org.secpod.oval:def:47891Date: (C)2018-10-10   (M)2024-01-19
Class: VULNERABILITYFamily: windows




A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. To exploit the bypass, an attacker must trick a user into either loading a page containing malicious content or visiting a malicious website. The attacker could also inject the malicious page into either a compromised website or an advertisement network. The security update addresses the bypass by correcting how the Edge CSP validates documents.

Platform:
Microsoft Windows 10
Product:
Microsoft Edge
Reference:
CVE-2018-8512
CVE    1
CVE-2018-8512
CPE    8
cpe:/a:microsoft:chakracore
cpe:/o:microsoft:windows_10:1703:::x64
cpe:/o:microsoft:windows_10:1703:::x86
cpe:/o:microsoft:windows_10:1709
...

© SecPod Technologies