What is CVE-2018-0774?

CVE-2018-0774 is a vulnerability in Microsoft Corporation Edge. Published 2018-01-04.

Is CVE-2018-0774 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Corporation Edge

CVE-2018-0774

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE…

EPSS: 0.740 (98.9th percentile) — read the EPSS interpretation.

Affected products

Microsoft Corporation Edge — versions Windows 10 1709

Public proof-of-concept exploits

ARPSyndicate/cvemon
addicjanov/js-vuln-db
lnick2023/nicenice
otravidaahora2t/js-vuln-db
qazbnm456/awesome-cve-poc
tunz/js-vuln-db
xbl3/awesome-cve-poc_

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774 (x_refsource_CONFIRM)
43715 (exploit, x_refsource_EXPLOIT-DB)
102399 (vdb-entry, x_refsource_BID)
1040100 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-0774?: CVE-2018-0774 is a vulnerability in Microsoft Corporation Edge. Published 2018-01-04.
Is CVE-2018-0774 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.