CVE-2018-8467
Description
CVE-2018-8467 is a memory corruption vulnerability in the Chakra scripting engine affecting Microsoft Edge and ChakraCore, allowing remote code execution when a user visits a malicious webpage.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-2018-8467 is a remote code execution vulnerability in the way the Chakra scripting engine handles objects in memory in Microsoft Edge and ChakraCore [1], [2]. The vulnerability is classified as a failure to handle exceptional conditions [2], leading to memory corruption. Affected versions include Microsoft Edge on all supported Windows 10 platforms and ChakraCore prior to the September 2018 security update [1], [2].
Exploitation
Exploitation requires an attacker to host a specially crafted website (or inject malicious content into a compromised site) that triggers the memory corruption in the Chakra engine when a user visits the site with Microsoft Edge [1], [3]. No authentication or additional privileges are needed; the victim only needs to browse the malicious page. The bug is triggered via a scripting engine object handling error [3].
Impact
Successful exploitation allows an attacker to execute arbitrary code in the context of the current user within the sandbox of the browser [1], [3]. If the user has administrative rights, the attacker can gain full control of the system, install programs, view/change/delete data, or create new accounts with full user rights [1].
Mitigation
Microsoft released a security update as part of the September 2018 Patch Tuesday (September 11, 2018) to address this vulnerability [2], [3]. Users should apply the latest Windows updates to mitigate this issue. For ChakraCore, the fix is included in the 1.11 release, and Microsoft continued to provide security updates for ChakraCore 1.11 until March 9, 2021 [4]. No workaround is available; applying the official patch is the only mitigation.
[1] NVD - CVE-2018-8467
[2] Microsoft ChakraCore Scripting Engine CVE-2018-8467 Remote Memory Corruption Vulnerability
[3] Microsoft Edge Multiple Bugs Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Gain Elevated Privileges, and Spoof Content on the Target System
[4] GitHub - chakra-core/ChakraCore: ChakraCore is an open source Javascript engine with a C API.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| Microsoft.ChakraCore (NuGet) | < 1.11.1 | 1.11.1 |
Affected products
- Range: ChakraCore
Patches
07a72e2849aa [CVE-2018-8467] Edge - Chakra type confusion - Google, Inc.
1 file changed · +4 −0
lib/Backend/GlobOptFields.cpp+4 −0 modified@@ -1915,6 +1915,10 @@ GlobOpt::UpdateObjPtrValueType(IR::Opnd * opnd, IR::Instr * instr) } } break; + case Js::TypeIds_NativeIntArray: + case Js::TypeIds_NativeFloatArray: + // Do not mark these values as definite to protect against array conversion + break; case Js::TypeIds_Array: // Because array can change type id, we can only make it definite if we are doing array check hoist // so that implicit call will be installed between the array checks.
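Review bot: The comment on the new `case Js::TypeIds_NativeIntArray:` / `case Js::TypeIds_NativeFloatArray:` branch in GlobOpt::UpdateObjPtrValueType says only "to protect against array conversion", which does not tell a later maintainer which conversion is meant or why a definite value type is unsafe for these two type ids. Please expand it along the lines of the context comment on `case Js::TypeIds_Array:` just below, which explains that an array "can change type id" and that a definite type is only allowed when array check hoisting installs an implicit call between the checks. It is also worth stating whether the unconditional `break` for native arrays is deliberate, or whether the same hoist condition used for `TypeIds_Array` could apply here. Finally, the change touches only lib/Backend/GlobOptFields.cpp (1 file changed, +4 −0), so no regression test accompanies the fix; a test covering a native array whose type id changes after this point would guard against the check being removed by a later optimizer change.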
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- www.exploit-db.com/exploits/45572/ (mitre; exploit, x_refsource_EXPLOIT-DB)
- github.com/advisories/GHSA-xxp7-423f-hcp4 (ghsa; ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2018-8467 (ghsa; ADVISORY)
- www.securityfocus.com/bid/105244 (mitre; vdb-entry, x_refsource_BID)
- www.securitytracker.com/id/1041623 (mitre; vdb-entry, x_refsource_SECTRACK)
- github.com/chakra-core/ChakraCore/commit/07a72e2849aab95ccdc178afbdab442cfee75368 (ghsa; WEB)
- github.com/chakra-core/ChakraCore/pull/5688 (ghsa; WEB)
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8467 (ghsa; x_refsource_CONFIRM, WEB)
- web.archive.org/web/20210124202946/http://www.securityfocus.com/bid/105244 (ghsa; WEB)
- web.archive.org/web/20210517133345/http://www.securitytracker.com/id/1041623 (ghsa; WEB)
- www.exploit-db.com/exploits/45572 (ghsa; WEB)