Microsoft Edge Information Disclosure Vulnerability - CVE-2018-8370ID: oval:org.secpod.oval:def:47108 | Date: (C)2018-08-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The update addresses the vulnerability by correcting how the WebAudio Library handles audio requests.
Platform: |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |