3 matches found
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due a lack of validation for return objects without any properties in AsmJs.cpp, which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0015...
CVE-2017-0138
CVE-2017-0134 is described in a connected advisory as a remote code execution vulnerability in the Microsoft Edge scripting engine, caused by how it handles objects in memory. The advisory states that a remote, unauthenticated attacker could exploit this by enticing the target user to open a spec...
KLA10968 Multiple vulnerabilities in Microsoft Edge
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An incorrect handling of...