8 matches found
ChakraCore RCE Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568...
Microsoft Edge Chakra JIT Use-After-Free / Flag Issue
Microsoft Edge: Chakra: JIT: JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode just clears DisableImplicitFlags CVE-2019-0568 The JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode method is used to execute JsBuiltIn.js which initializes some builtin objects...
Remote Code Execution (RCE)
Microsoft.ChakraCore is vulnerable to remote code execution. This is due to a type confusion via NewScObjectNoCtor or InitProto which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2019-0567, CVE-2019-0568...
CVE-2019-0568
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567...
CVE-2019-0568
CVE-2019-0568 describes a remote code execution vulnerability in the Chakra scripting engine with memory handling weaknesses in Microsoft Edge/ChakraCore. The root cause is a memory object handling issue in Chakra leading to code execution in the context of the logged-in user. Affected products i...
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,” 40 that are considered “important” and one that is “moderate.” This release also...
KLA11397 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0568)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...