CVE-2018-8351

Summary

An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

Affected Software

VendorProductVersion RangeStatus
MicrosoftInternet Explorer 11Windows 10 for 32-bit Systemsaffected
MicrosoftInternet Explorer 11Windows 10 for x64-based Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1607 for 32-bit Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1607 for x64-based Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1703 for 32-bit Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1703 for x64-based Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1709 for 32-bit Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1709 for x64-based Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1803 for 32-bit Systemsaffected
MicrosoftInternet Explorer 11Windows 10 Version 1803 for x64-based Systemsaffected
MicrosoftInternet Explorer 11Windows 7 for 32-bit Systems Service Pack 1affected
MicrosoftInternet Explorer 11Windows 7 for x64-based Systems Service Pack 1affected
MicrosoftInternet Explorer 11Windows 8.1 for 32-bit systemsaffected
MicrosoftInternet Explorer 11Windows 8.1 for x64-based systemsaffected
MicrosoftInternet Explorer 11Windows RT 8.1affected
MicrosoftInternet Explorer 11Windows Server 2008 R2 for x64-based Systems Service Pack 1affected
MicrosoftInternet Explorer 11Windows Server 2012 R2affected
MicrosoftInternet Explorer 11Windows Server 2016affected
MicrosoftMicrosoft EdgeWindows 10 for 32-bit Systemsaffected
MicrosoftMicrosoft EdgeWindows 10 for x64-based Systemsaffected
MicrosoftMicrosoft EdgeWindows 10 Version 1803 for 32-bit Systemsaffected
MicrosoftMicrosoft EdgeWindows 10 Version 1803 for x64-based Systemsaffected
MicrosoftInternet Explorer 10Windows Server 2012affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References