CVE-2017-0196

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

CVE-2017-0152

CVE-2017-0152 is described across multiple sources as a remote code execution vulnerability in the Microsoft scripting engine, with memory corruption that could allow an attacker to execute arbitrary code under the current user. Veracode specifically attributes the issue to ChakraCore’s handling ...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14609)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and has a remote memory corruption vulnerability in its implementation that can be exploited by an attacker to execute arbitrary code in the current user context...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14642)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14451)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle in-memory objects, and a remote code execution vulnerability exists in the scripting engine presentation, where an attacker could execute arbitrary code in the current user context...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14449)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...

Microsoft Windows Multiple Vulnerabilities (KB4025342)

This host is missing a critical security update according to Microsoft KB4025342 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4025344)

This host is missing a critical security update according to Microsoft KB4025344 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scripting engines render when handling objects in...

Remote code execution

Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from...

CVE-2017-8603

Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption...

CVE-2017-8619

CVE-2017-8619 refers to a remote code execution vulnerability in the Microsoft Edge scripting engines on Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. The issue arises in how the Scripting Engines render objects in memory, i.e., a memory corruption vulnerability in Edge’s scripting...

CVE-2017-8618

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scripting engines render when handling objects in...

Microsoft Patch Tuesday Update Fixes 19 Critical Vulnerabilities

Microsoft today released patches for 19 critical vulnerabilities, one of which was publicly known prior to the update. In all, 54 vulnerabilities were patched in Windows, Edge, Internet Explorer, Office and Exchange as part of Microsoft’s monthly Patch Tuesday release; 32 flaws were rated importa...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8601)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system...

CVE-2017-8517

Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScrip...

CVE-2017-8499

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8520,...

Memory corruption

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8499,...

Memory corruption

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID...