The vulnerability in the Chakra JavaScript engine of the Microsoft Edge browser allows a hacker to trigger a service failure or execute arbitrary code.

🗓️ 08 Jun 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

Chakra engine vulnerability in Edge enables remote code execution via memory bounds violation.

Reporter	Title	Published	Views	Family All 20
CNVD	Microsoft Edge Chakra JavaScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04074)	16 Jun 201600:00	–	cnvd
Check Point Advisories	Microsoft Edge Memory Corruption (MS16-068: CVE-2016-3199)	14 Jun 201600:00	–	checkpoint_advisories
CVE	CVE-2016-3199	16 Jun 201601:00	–	cve
Cvelist	CVE-2016-3199	16 Jun 201601:00	–	cvelist
Github Security Blog	ChakraCore RCE Vulnerability	14 May 202202:24	–	github
Microsoft KB	Cumulative update for Windows 10: June 14, 2016	16 Jun 201607:00	–	mskb
Microsoft KB	Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016	16 Jun 201607:00	–	mskb
Microsoft KB	MS16-068: Cumulative security update for Microsoft Edge: June 14, 2016	14 Jun 201600:00	–	mskb
Kaspersky	KLA10829 Multiple vulnerabilities in Microsoft Edge and Internet Explorer	14 Jun 201600:00	–	kaspersky
Microsoft CVE	Scripting Engine Memory Corruption Vulnerability	14 Jun 201607:00	–	mscve

Source	Link
technet	www.technet.microsoft.com/security/bulletin/MS16-068
securitytracker	www.securitytracker.com/id/1036099
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-16-367
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-16-368
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS 29.3

EPSS0.19183

chakra engine edge browser remote code execution memory bounds violation