Intrusion Prevention

MS.Edge.AppendLeftOverItemsFromEndSegment.Out.Of.Bounds.Read

Description

This indicates an attack attempt to exploit an Out Of Bounds Read Vulnerability in Microsoft Edge Scripting Engine.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted webpage. A remote attacker can exploit this to gain unauthorized access to sensitive information.

Affected Products

ChakraCore
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows Server 2016
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767

CVE References

CVE-2018-0767