2820 matches found
CVE-2017-11791
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709...
CVE-2017-11846
CVE-2017-11846 affects ChakraCore and Edge/IE scripting engine in Windows 7 SP1, Windows Server 2008/2008 R2, 8.1, 10 (various builds), and Windows Server 2012/2012 R2, with memory handling in the scripting engine leading to memory corruption. The vulnerability could allow an attacker to execute ...
CVE-2017-11838
CVE-2017-11838 affects ChakraCore and Microsoft Edge in Windows environments (various versions listed in the initial entry). The vulnerability arises from how the scripting engine handles objects in memory, leading to memory corruption that could allow an attacker to execute code with the same us...
CVE-2017-11871
CVE-2017-11871: ChakraCore and Microsoft Edge memory-corruption vulnerability in Windows 10 (1703/1709) and Windows Server 1709 allows an attacker to gain the current user’s rights via scripting engine object handling in memory. Root cause: memory handling in the scripting engine leads to memory ...
CVE-2017-11870
CVE-2017-11870 affects ChakraCore and Microsoft Edge on Windows 10 (1703/1709) and Windows Server 1709, arising from how the scripting engine handles objects in memory. The vulnerability is described as a memory corruption issue in the scripting engine that can let an attacker execute code with t...
CVE-2017-11866
CVE-2017-11866 concerns ChakraCore/Edge on Windows 10 (various editions) where the scripting engine’s memory handling in objects can be abused to execute code with the caller’s privileges. The root cause is memory corruption within the scripting engine, enabling privilege escalation. Connected ad...
CVE-2017-11862
CVE-2017-11862 affects ChakraCore and Microsoft Edge on Windows 10 version 1709 and Windows Server 1709. The vulnerability is a Scripting Engine Memory Corruption in the in-memory handling of objects, allowing an attacker to gain the same user rights as the current user (privilege escalation). Th...
CVE-2017-11840
CVE-2017-11840 αφορά ChakraCore/Microsoft Edge en Windows 10 (Gold/1511/1607/1703/1709) y Windows Server 2016/Server 1709. El fallo proviene de cómo el motor de scripting maneja objetos en la memoria, generando una corrupción de memoria que posibilita que un atacante obtenga los mismos privilegio...
CVE-2017-11862
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
CVE-2017-11866
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption...
CVE-2017-11861
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...
Microsoft Windows Multiple Vulnerabilities (KB4048954)
This host is missing a critical security update according to Microsoft KB4048954 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update
This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion's share is focused on Browsers, Microsoft Office, and Adobe. According to...
Microsoft Patch Tuesday - November 2017
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 53 new vulnerabilities with 19 of them rated critical, 31 of them rated important and 3 of them rated moderate...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Scripting Engine Information Disclosure Vulnerability
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...
Scripting Engine Information Disclosure Vulnerability
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...