HTTP: Microsoft IE CVE-2018-0930 Chakra Scripting Engine Remote Code Execution

This signature detects an attempt to exploit an Memory Corruption Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.

References

CVE: CVE-2018-0930

Short Name
HTTP:STC:IE:CVE-2018-0930-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-0930 Chakra Code Engine Execution IE Microsoft Remote Scripting
Release Date
03/13/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
CVSS Score

7.6

Found a potential security threat?