The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7242.

CPENameOperatorVersion
microsoft.chakracoreeq1.2.0
microsoft.chakracoreeq1.2.1

CPE	Name	Operator	Version
	microsoft.chakracore	eq	1.2.0
	microsoft.chakracore	eq	1.2.1

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129

github.com/chakra-core/ChakraCore

github.com/chakra-core/ChakraCore/commit/c2787ef8fdb7401922e9ec6540e4e5895d11c631

github.com/chakra-core/ChakraCore/pull/1982

nvd.nist.gov/vuln/detail/CVE-2016-7243

web.archive.org/web/20210123185242/www.securityfocus.com/bid/94047

web.archive.org/web/20211126224744/www.securitytracker.com/id/1037245

attackerkb 5

prion 8

cve 8

osv 7

cvelist 8

github 8

nvd 8

nessus 2

mskb 16

zdt 6

exploitpack 2

kaspersky 3

openvas 2

threatpost 2

exploitdb 2

checkpoint_advisories 6

mscve 8

symantec 8

zdi 2

cisa_kev 2

myhack58 1

thn 2

attackerkb

CVE-2016-7200

2016-11-10 00:00:00

CVE-2016-7201

2016-11-10 00:00:00

CVE-2016-7202

2016-11-10 00:00:00

prion

Memory corruption

2016-11-10 06:59:00

Memory corruption

2016-11-10 06:59:00

Memory corruption

2016-11-10 06:59:00

cve

CVE-2016-7242

2016-11-10 06:59:55

CVE-2016-7203

2016-11-10 06:59:18

CVE-2016-7202

2016-11-10 06:59:17

osv

ChakraCore RCE Vulnerability

2022-05-14 02:22:42

ChakraCore RCE Vulnerability

2022-05-14 02:22:42

ChakraCore RCE Vulnerability

2022-05-14 02:22:18

cvelist

CVE-2016-7242

2016-11-10 06:16:00

CVE-2016-7243

2016-11-10 06:16:00

CVE-2016-7200

2016-11-10 06:16:00

github

ChakraCore RCE Vulnerability

2022-05-14 02:22:41

ChakraCore RCE Vulnerability

2022-05-14 02:22:42

ChakraCore RCE Vulnerability

2022-05-14 02:22:18

nvd

CVE-2016-7240

2016-11-10 06:59:53

CVE-2016-7201

2016-11-10 06:59:16

CVE-2016-7202

2016-11-10 06:59:17

nessus

MS16-129: Cumulative Security Update for Microsoft Edge (3199057)

2016-11-08 00:00:00

MS16-144: Cumulative Security Update for Internet Explorer (3204059)

2016-12-13 00:00:00

mskb

MS16-129: Cumulative security update for Microsoft Edge: November 8, 2016

2016-11-08 00:00:00

Cumulative update for Windows 10 Version 1511: November 8, 2016

2016-11-08 08:00:00

Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016

2016-11-08 08:00:00

zdt

Microsoft Windows 10 Edge - chakra.dll Info Leak / Type Confusion Remote Code Execution Exploit

2017-01-06 00:00:00

Microsoft Edge Scripting Engine - Memory Corruption (MS16-129) Exploit

2016-11-24 00:00:00

Microsoft Edge - Array.filter Info Leak Vulnerability

2016-11-19 00:00:00

exploitpack

Microsoft Edge (Windows 10) - chakra.dll Information Leak Type Confusion Remote Code Execution

2017-01-05 00:00:00

Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)

2016-11-21 00:00:00

kaspersky

KLA10900 Multiple vulnerabilities in Microsoft Browser

2016-11-08 00:00:00

KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)

2016-11-08 00:00:00

KLA10897 Multiple vulnerabilities in Microsoft Windows

2016-11-08 00:00:00

openvas

Microsoft Edge Multiple Vulnerabities (3199057)

2016-11-09 00:00:00

Microsoft Internet Explorer Multiple Vulnerabilities (3204059)

2016-12-14 00:00:00

threatpost

Two New Edge Exploits Integrated into Sundown Exploit Kit

2017-01-10 11:28:20

Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities

2016-12-13 15:27:58

exploitdb

Microsoft Edge (Windows 10) - 'chakra.dll' Information Leak / Type Confusion Remote Code Execution

2017-01-05 00:00:00

Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)

2016-11-21 00:00:00

checkpoint_advisories

Microsoft Edge Scripting Engine Memory Corruption (MS16-129: CVE-2016-7240)

2016-11-08 00:00:00

Microsoft Edge Scripting Engine Memory Corruption (MS16-129: CVE-2016-7200)

2016-11-08 00:00:00

Microsoft Edge Scripting Engine Memory Corruption (MS16-129: CVE-2016-7242)

2016-11-08 00:00:00

mscve

Scripting Engine Memory Corruption Vulnerability

2016-11-08 08:00:00

Scripting Engine Memory Corruption Vulnerability

2016-11-08 08:00:00

Scripting Engine Memory Corruption Vulnerability

2016-11-08 08:00:00

symantec

Microsoft Edge CVE-2016-7200 Scripting Engine Remote Memory Corruption Vulnerability

2016-11-08 00:00:00

Microsoft Edge CVE-2016-7242 Scripting Engine Remote Memory Corruption Vulnerability

2016-11-08 00:00:00

Microsoft Edge CVE-2016-7240 Scripting Engine Remote Memory Corruption Vulnerability

2016-11-08 00:00:00

zdi

Microsoft Internet Explorer Array.splice Memory Corruption Remote Code Execution Vulnerability

2017-06-21 00:00:00

Microsoft Windows JavaScript reverse Method Heap-based Buffer Overflow Remote Code Execution Vulnerability

2016-11-08 00:00:00

cisa_kev

Microsoft Edge Memory Corruption Vulnerability

2022-03-28 00:00:00

Microsoft Edge Memory Corruption Vulnerability

2022-03-28 00:00:00

myhack58

Windows 10 x64 Edge CVE-2016-7200 & CVE-2016-7201 vulnerability analysis and exploit-vulnerability warning-the black bar safety net

2017-05-21 00:00:00

thn

Microsoft releases 12 Security Updates; Including 6 Critical Patches

2016-12-14 01:07:00

Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

2022-11-09 11:01:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.972 High

EPSS

Percentile

99.8%

JSON

Related for OSV:GHSA-77QC-GP37-HR26