5 matches found
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due a lack of validation for return objects without any properties in AsmJs.cpp, which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0015...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to a lack of conversion checks after calls to IsConcatSpreadable which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different CVE-2017-0010, CVE-2017-0015,...
CVE-2017-0015
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...
CVE-2017-0015
Technical details for CVE-2017-0015 are not provided in the supplied documents. No affected product/version, root cause, or fix is specified here. Monitor for updates in the connected materials.
Microsoft Edge Scripting Engine Memory Corruption (MS17-007: CVE-2017-0015)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...