CVE CVE-2018-8355 Mappings

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.


Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2018-8355 ChakraCore primary_impact T1574 Hijack Execution Flow
CVE-2018-8355 ChakraCore primary_impact T1499.004 Application or System Exploitation
CVE-2018-8355 ChakraCore secondary_impact T1005 Data from Local System
CVE-2018-8355 ChakraCore secondary_impact T1565 Data Manipulation
CVE-2018-8355 ChakraCore secondary_impact T1485 Data Destruction
CVE-2018-8355 ChakraCore secondary_impact T1136 Create Account
CVE-2018-8355 ChakraCore exploitation_technique T1189 Drive-by Compromise
CVE-2018-8355 ChakraCore exploitation_technique T1204.002 Malicious File