100 matches found
CVE-2016-7227
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."...
CVE-2016-7202
CVE-2016-7202 refers to a memory corruption vulnerability in the Chakra JavaScript scripting engine used by Microsoft Edge/IE (the “Scripting Engine Memory Corruption Vulnerability”). The connected advisories describe RCE/DoS opportunities via crafted web content, with ChakraCore as the adversari...
CVE-2016-7202
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability,” as demonstrated by the Chakra...
Microsoft Browser Information Disclosure Vulnerability
An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...
PT-2016-2971 · Microsoft · Browsers +2
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Microsoft browsers affected versions not specified Description: The issue is related to a lack of protection for internal data in Microsoft Edge, which can be exploited by a remote attacker using...
Microsoft Browser Remote Code Execution (MS16-129: CVE-2016-7241)
A type confusion vulnerability has been reported in the Scripting Engines of Microsoft Edge and Internet Explorer. This vulnerability is due to improper access of objects in memory when the JSON.parse JavaScript function is called. A remote attacker could exploit this vulnerability by enticing th...
CVE-2016-3390
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability...
CVE-2016-3382
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption...
Memory corruption
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption...
CVE-2016-3390
CVE-2016-3390 affects Microsoft Internet Explorer 11 and Microsoft Edge, involving memory corruption in the Chakra-based scripting engine that can lead to remote code execution or memory corruption via a crafted website. Connected sources (GHSA-CHAKRACORE RCE) reiterate a ChakraCore RCE vector ti...
Microsoft Browser Information Disclosure Vulnerability
An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...
Microsoft Browser Information Disclosure Vulnerability
An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is us...
Neutrino EK Spotted Leveraging Patched IE Zero Day
Attackers behind the Neutrino Exploit Kit didn’t take long to co-op a recently patched Internet Explorer zero-day into its arsenal. Researchers claim the kit has been pushing CVE-2016-0189, a vulnerability that was reportedly used in targeted attacks on South Korean organizations earlier this yea...
CVE-2016-3260
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...
CVE-2016-3259
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...
CVE-2016-3204
The Microsoft 1 JScript 5.8 and 9 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...
CVE-2016-3202
The Microsoft 1 Chakra JavaScript, 2 JScript, and 3 VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruptio...
CVE-2016-3207
The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04055)
Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...
CVE-2016-0002
The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...