Think you have a false positive on this rule?

Sid 1-46927

Message

BROWSER-IE Microsoft Edge ClipPath out of bounds write attempt

Summary

This event is generated when an out of bounds write in a ClipPath element has been detected which could lead to remote code execution in Microsoft Edge.

Impact

Attempted User Privilege Gain

CVE-2018-8110:

CVSS base score 7.5

CVSS impact score 5.9

CVSS exploitability score 1.6

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2018-8110: A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236.

Affected systems

  • microsoft edge -

Ease of attack

CVE-2018-8110:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • url