Vulnerability CVE-2018-8319


Published: 2018-07-10   Modified: 2018-07-11

Description:
A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

Type:

CWE-682

(Incorrect Calculation)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Microsoft -> Research javascript cryptography library 

 References:
http://www.securityfocus.com/bid/104655
http://www.securitytracker.com/id/1041268
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319

Copyright 2024, cxsecurity.com

 

Back to Top