Lucene search
K

5 matches found

Veracode
Veracode
added 2018/12/05 2:21 a.m.26 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due a lack of validation for return objects without any properties in AsmJs.cpp, which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0015...

7.5CVSS7.9AI score0.78538EPSS
Exploits4References4Affected Software2
Veracode
Veracode
added 2018/12/05 1:35 a.m.24 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to a lack of conversion checks after calls to IsConcatSpreadable which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different CVE-2017-0010, CVE-2017-0015,...

7.5CVSS7.9AI score0.78538EPSS
Exploits4References1Affected Software2
CVE
CVE
added 2017/03/17 12:0 a.m.109 views

CVE-2017-0032

CVE-2017-0032 describes a remote code execution vulnerability in how Microsoft scripting engines render in-memory objects in Microsoft browsers. The issue allows an attacker to corrupt memory and execute arbitrary code with the current user’s privileges; if the user has administrative rights, the...

7.6CVSS7.9AI score0.1523EPSS
Exploits0References3Affected Software1
Symantec
Symantec
added 2017/03/14 12:0 a.m.36 views

Microsoft Edge CVE-2017-0032 Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...

7.6CVSS0.8AI score0.1523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/03/14 12:0 a.m.1 views

Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0032)

An integer overflow vulnerability exists in Microsoft Edge. The vulnerability is due to an error in Microsoft Edge while handling a specially crafted HTML file. Successful exploitation of this issue can lead to arbitrary memory write...

7.6CVSS7.4AI score0.1523EPSS
Exploits0
Rows per page
Query Builder