Lucene search
K

9 matches found

seebug.org
seebug.org
added 2017/10/17 12:0 a.m.39 views

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2017-11802)

No description provided by source. The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without...

7.6CVSS7.8AI score0.69163EPSS
Exploits3
Circl
Circl
added 2017/10/17 12:0 a.m.19 views

CVE-2017-11802

creationtimestamp| type| source ---|---|--- 2017-10-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43000...

7.6CVSS7.6AI score0.69163EPSS
Exploits3References1
Check Point Advisories
Check Point Advisories
added 2017/10/16 12:0 a.m.3 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11802)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge handles objects in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

7.6CVSS7.8AI score0.69163EPSS
Exploits3
0day.today
0day.today
added 2017/10/15 12:0 a.m.60 views

Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call Exploit

The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails...

7.6CVSS7.6AI score0.69163EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/10/14 12:0 a.m.67 views

Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call

Microsoft Edge: Chakra: JIT: RegexHelper::StringReplace must call the callback function with updating ImplicitCallFlags CVE-2017-11802 The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with...

7.9AI score0.69163EPSS
Exploits3
Prion
Prion
added 2017/10/13 1:29 p.m.17 views

Memory corruption

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...

7.6CVSS7.6AI score0.69163EPSS
Exploits20References4Affected Software1
Prion
Prion
added 2017/10/13 1:29 p.m.16 views

Memory corruption

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...

7.6CVSS7.6AI score0.69163EPSS
Exploits20References3
CVE
CVE
added 2017/10/13 1:0 p.m.86 views

CVE-2017-11802

CVE-2017-11802 affects ChakraCore and Microsoft Edge on Windows 10 (Gold, 1511, 1607, 1703) and Windows Server 2016. The vulnerability stems from how the Chakra scripting engine handles memory objects, enabling an attacker to execute arbitrary code in the context of the current user. Exploitation...

7.6CVSS7.8AI score0.69163EPSS
Exploits3References4Affected Software2
Symantec
Symantec
added 2017/10/10 12:0 a.m.34 views

Microsoft Edge Scripting Engine CVE-2017-11802 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

7.6CVSS0.5AI score0.69163EPSS
Exploits3
Rows per page
Query Builder