BROWSER-IE -- Snort has detected traffic known to exploit vulnerabilities present in the Internet Explorer browser, or products that have the Trident or Tasman engines.
BROWSER-IE Microsoft Internet Explorer 11 JScript use-after-free attempt
This event is generated when a user using Microsoft Internet Explorer 11 accesses a page where JavaScript modifies a variable that is reused when not handled by garbage collection. Impact: Attempted User Privilege Gain Details: CVE-2018-8267 is a use after free vulnerability in the Jscript scripting engine (jscript.dll) of Windows. The root cause is where a VAR points to an object, and the object is freed because its not rooted in the GC. Ease of Attack: Simple, it is not known if any exploits exist for this.
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-8267 |
Loading description
|