4 matches found
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due a lack of validation for return objects without any properties in AsmJs.cpp, which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0015...
CVE-2017-0094
CVE-2017-0094 describes a remote code execution in Microsoft scripting engines when handling objects in memory in Microsoft browsers. The connected document CPAI-2018-0053 adds concrete details for CVE-2017-0134: a remote code execution in Microsoft Edge scripting engine due to memory handling of...
KLA10968 Multiple vulnerabilities in Microsoft Edge
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An incorrect handling of...
Microsoft Edge Scripting Engine Memory Corruption (MS17-007: CVE-2017-0094)
A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...