Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8645)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the conte...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8646)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engines render content when handling objects in memory. A remote attacker could exploit these vulnerabilities by enticing the target user to open a specially crafted web page, potentiall...

Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-8636)

A memory corruption vulnerability exists in Microsoft browser. The vulnerability is due to an error in the way that Microsoft browser accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a specially...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8656)

An improper initialization of memory vulnerability exists in Chakra, Microsoft Edge's scripting engine. This vulnerability is due to the incorrect initialization of a variable within the DefineUserVars function due to an error in PreVisitCatch.A remote attacker could exploit this vulnerability by...

Remote code execution

A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...

Remote code execution

Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...

CVE-2017-8518

CVE-2017-8518 — Microsoft Edge Memory Corruption Vulnerability . A remote code execution flaw exists when Edge improperly accesses objects in memory in the scripting engine, allowing arbitrary code execution in the context of the current user. Root cause: memory handling error in the scripting en...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-27998)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system.Edge is one of the web browsers that comes with the system. Edge in Microsoft Windows suffers from a...

CVE-2017-8671

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory...

Security feature bypass

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard ACG due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time JIT compiler, aka "Scripting Engine Security Feature Bypass Vulnerability"...

Information disclosure

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability"...

CVE-2017-8639

Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

CVE-2017-8647

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique...

CVE-2017-8659

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability"...

CVE-2017-8637

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard ACG due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time JIT compiler, aka "Scripting Engine Security Feature Bypass Vulnerability"...

CVE-2017-8646

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

CVE-2017-8674

Technical details for CVE-2017-8674 are not publicly available in the provided documents; no affected products, root cause, or fixes are specified here. Monitor for updates from security advisories and vendor advisories.

CVE-2017-8637

CVE-2017-8637 affects Microsoft Edge on Windows 10 version 1703, describing a security feature bypass of Arbitrary Code Guard (ACG) due to memory access in Edge’s JIT-compiled code. Connected sources detail that the Chakra/JIT server memory handling can process unvalidated loop headers, enabling ...

CVE-2017-8646

CVE-2017-8646 concerns a remote code execution vulnerability in Microsoft Edge’s scripting engine memory handling. Affected product/variant: Microsoft Edge on Windows 10 (versions 1511, 1607, 1703) and Windows Server 2016, where the JavaScript engine could corrupt memory while rendering objects i...

CVE-2017-8659

CVE-2017-8659 affects Microsoft Edge and Microsoft Internet Explorer on Windows 10 version 1703, due to the Chakra scripting engine not properly handling objects in memory, enabling information disclosure. The vulnerability is documented as a Chakra information disclosure issue with the Edge/IE m...