5 matches found
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due a lack of validation for return objects without any properties in AsmJs.cpp, which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0015...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to a lack of conversion checks after calls to IsConcatSpreadable which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different CVE-2017-0010, CVE-2017-0015,...
CVE-2017-0032
CVE-2017-0032 describes a remote code execution vulnerability in how Microsoft scripting engines render in-memory objects in Microsoft browsers. The issue allows an attacker to corrupt memory and execute arbitrary code with the current user’s privileges; if the user has administrative rights, the...
Microsoft Edge CVE-2017-0032 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...
Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0032)
An integer overflow vulnerability exists in Microsoft Edge. The vulnerability is due to an error in Microsoft Edge while handling a specially crafted HTML file. Successful exploitation of this issue can lead to arbitrary memory write...