CVE-2017-11821

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792,...

CVE-2017-11792

CVE-2017-11792 describes a memory-handling vulnerability in the ChakraCore scripting engine (used by Microsoft Edge) on Windows 10 version 1703 that allows an attacker to execute arbitrary code in the context of the current user. The connected advisories reference ChakraCore RCE/Memory Corruption...

CVE-2017-11801

CVE-2017-11801 is a ChakraCore-hosted RCE vulnerability. The connected documents describe an issue where the ChakraCore scripting engine exposes memory handling flaws that allow an attacker to execute arbitrary code in the context of the current user. The core detail across sources is that the bu...

CVE-2017-11793

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the...

CVE-2017-11798

CVE-2017-11798 affects Microsoft Edge on Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. The vulnerability stems from how the scripting engine handles objects in memory, enabling an attacker to execute arbitrary code in the context of the current user. The CVSS metrics from the initi...

CVE-2017-11802

CVE-2017-11802 affects ChakraCore and Microsoft Edge on Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. The vulnerability stems from how the Chakra scripting engine handles memory objects, enabling an attacker to execute arbitrary code in the context of the current user. Exploitation...

CVE-2017-11800

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-30543)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge suffers from a remote memory corruption vulnerability in the scripting engine's handling of in-memory objects, which can be exploited by an attacker to corrupt memory by executing arbitrary code in the current use...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2017-30351)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.Scripting engine is one o...

Microsoft Windows Multiple Vulnerabilities (KB4041693)

This host is missing a critical security update according to Microsoft KB4041693 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-30542)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge suffers from a remote memory corruption vulnerability in the scripting engine's handling of in-memory objects, which can be exploited by an attacker to corrupt memory by executing arbitrary code in the current use...

Microsoft Internet Explorer Scripting Memory Corruption Vulnerability

Microsoft Windows Server 2016 and others are operating systems released by Microsoft Corporation USA.Internet Explorer IE is one of the browsers. scripting engine is one of the scripting engines. A memory corruption vulnerability exists in the scripting engine in IE versions 9, 10 and 11 in...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-30539)

Microsoft Edge is the web browser built into the Windows 10 version. A remote memory corruption vulnerability exists in the JavaScript engine content when the Microsoft Edge scripting engine handles in-memory objects, which can be exploited by an attacker to corrupt memory by executing arbitrary...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2017-30325)

Edge is Microsoft's browser for Windows 10, characterized as fast and secure. A memory corruption vulnerability exists in the way the Microsoft Edge scripting engine handles objects in memory, which can be exploited by an attacker to execute arbitrary code in the context of the current user or to...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-30541)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge suffers from a remote memory corruption vulnerability in the scripting engine's handling of in-memory objects, which can be exploited by an attacker to corrupt memory by executing arbitrary code in the current use...

Microsoft Internet Explorer scripting engine memory corruption vulnerability

Microsoft Windows Server 2016 and others are operating systems released by Microsoft Corporation USA.Internet Explorer IE is one of the browsers. scripting engine is one of the scripting engines. A memory corruption vulnerability exists in the scripting engine of Internet Explorer versions 9, 10...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-30540)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge suffers from a remote memory corruption vulnerability in the scripting engine's handling of in-memory objects, which can be exploited by an attacker to corrupt memory by executing arbitrary code in the current use...

Microsoft Windows Multiple Vulnerabilities (KB4041681)

This host is missing a critical security update according to Microsoft KB4041681 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)

This host is missing a critical security update according to Microsoft security updates KB4040685. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

October Patch Tuesday: 28 Critical Microsoft Vulnerabilities

Today Microsoft released patches covering 62 vulnerabilities as part of October’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in...