Lucene search
K

5 matches found

0day.today
0day.today
added 2017/12/06 12:0 a.m.51 views

Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability

Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation. Chakra: CFG bypass due to a bug in ServerFreeAllocation CVE-2017-11874 Chakra JIT server exposes a ServerFreeAllocation method that can be used to free an existing JIT allocation for example when the corresponding function get...

2.6CVSS5.8AI score0.03974EPSS
Exploits1
Prion
Prion
added 2017/11/15 3:29 a.m.49 views

Security feature bypass

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security...

4.3CVSS4.8AI score0.07245EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2017/11/15 3:29 a.m.4 views

CVE-2017-11874

Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard CFG to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time JIT compiler,...

6.5CVSS6AI score0.07245EPSS
Exploits1References4
CVE
CVE
added 2017/11/15 3:0 a.m.85 views

CVE-2017-11874

Microsoft Edge in Windows 10 (1703, 1709), Windows Server (1709) and ChakraCore is affected by a CFG bypass that allows arbitrary code execution due to how memory is accessed by code produced by the Edge JIT compiler. The vulnerability impacts Edge/CSP handling and CFG enforcement; CVE-2017-11874...

3.1CVSS5.2AI score0.03974EPSS
Exploits1References3Affected Software2
Symantec
Symantec
added 2017/11/14 12:0 a.m.37 views

Microsoft Edge CVE-2017-11874 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft ChakraCore Microsoft Edge Recommendations...

2.6CVSS5.1AI score0.03974EPSS
Exploits1
Rows per page
Query Builder