5 matches found
Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability
Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation. Chakra: CFG bypass due to a bug in ServerFreeAllocation CVE-2017-11874 Chakra JIT server exposes a ServerFreeAllocation method that can be used to free an existing JIT allocation for example when the corresponding function get...
Security feature bypass
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security...
CVE-2017-11874
Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard CFG to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time JIT compiler,...
CVE-2017-11874
Microsoft Edge in Windows 10 (1703, 1709), Windows Server (1709) and ChakraCore is affected by a CFG bypass that allows arbitrary code execution due to how memory is accessed by code produced by the Edge JIT compiler. The vulnerability impacts Edge/CSP handling and CFG enforcement; CVE-2017-11874...
Microsoft Edge CVE-2017-11874 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft ChakraCore Microsoft Edge Recommendations...