Memory corruption

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory...

Memory corruption

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

CVE-2017-8740

CVE-2017-8740 affects Microsoft Edge on Windows 10 (1703) and is due to memory handling issues in the Edge scripting engine, enabling arbitrary code execution in the current user. A CIRCL/CVE-2017-8740 sighting confirms exploitation with exploits on Exploit DB (e.g., exploits/42764). No patch/ver...

CVE-2017-8660

CVE-2017-8660 affects Microsoft Edge in Windows 10 (versions 1511, 1607, 1703) and Windows Server 2016. Root cause: how the Microsoft Edge JavaScript engine renders objects in memory, leading to memory corruption. Impact: attacker can execute arbitrary code in the context of the current user. The...

CVE-2017-8738

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption...

CVE-2017-8753

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption...

CVE-2017-8729

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

CVE-2017-8755

CVE-2017-8755 is a memory corruption vulnerability in the Microsoft Edge scripting engine on Windows 10 (versions 1511, 1607, 1703) and Windows Server 2016. An attacker could execute arbitrary code in the context of the current user by abusing how Edge handles objects in memory. The NVD metrics l...

Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CNVD-2017-32688)

Microsoft Edge is a popular WEB browser. A security vulnerability in the Microsoft Edge scripting engine allows remote attackers to exploit the vulnerability by submitting a specially crafted WEB page that can be parsed by the user, which can be used to obtain sensitive information...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-28650)

Microsoft Windows 10 is an operating system released by Microsoft Corporation.Microsoft Edge is a web browser that comes with the system.scripting engine is a JavaScript engine component. A memory corruption vulnerability exists in the scripting engine of Edge in Microsoft Windows 10 version 1703...

Microsoft Edge Information Disclosure Vulnerability (CNVD-2017-28655)

Microsoft Windows 10 is an operating system released by Microsoft Corporation.Microsoft Edge is a web browser that comes with the system.scripting engine is a JavaScript engine component. An information disclosure vulnerability exists in the scripting engine of Edge in Microsoft Windows 10 versio...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-28323)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.Scripting engine is one o...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-28324)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.Scripting engine is one o...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-28320)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.Scripting engine is one o...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-28321)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.Scripting engine is one o...

September Patch Tuesday: 27 Critical Vulnerabilities from Microsoft, plus Critical Adobe Patches

Today Microsoft released a fairly large batch of patches covering 81 vulnerabilities as part of September’s Patch Tuesday update, with 38 of them impacting Windows. Patches covering 27 of these vulnerabilities are labeled as Critical, and 39 can result in Remote Code Execution RCE. According to...

Scripting Engine Information Disclosure Vulnerability

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...