Lucene search
K

7 matches found

Veracode
Veracode
added 2018/07/04 8:26 a.m.24 views

Information Leakage

microsoft.chakracore is vulnerable to information leakage. This happens because the finalName parameter in the ConstructName function of JavascriptObject.cpp can contain null characters in between, leaving part of it uninitialized. This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906.This...

5.3CVSS5.9AI score0.25116EPSS
Exploits4References5Affected Software2
Prion
Prion
added 2017/12/12 9:29 p.m.25 views

Information disclosure

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 201...

2.6CVSS4.9AI score0.25116EPSS
Exploits4References3Affected Software2
Prion
Prion
added 2017/12/12 9:29 p.m.26 views

Information disclosure

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to h...

2.6CVSS5AI score0.25116EPSS
Exploits4References4Affected Software1
CVE
CVE
added 2017/12/12 9:0 p.m.105 views

CVE-2017-11887

CVE-2017-11906 is described across multiple sources as an information disclosure vulnerability in Microsoft Internet Explorer caused by improper handling of memory objects in the scripting engine. Affected software includes Internet Explorer on Windows platforms listed in the CVE description (Win...

5.3CVSS5.7AI score0.06423EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.250 views

KB4053579: Windows 10 Version 1607 and Windows Server 2016 December 2017 Security Update

The remote Windows host is missing security update 4053579. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a wa...

9.8CVSS7.9AI score0.68491EPSS
Exploits38References26
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.77 views

Security Updates for Internet Explorer (December 2017)

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corru...

7.6CVSS7.7AI score0.64164EPSS
Exploits16References17
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.107 views

Windows 8.1 and Windows Server 2012 R2 December 2017 Security Updates

The remote Windows host is missing security update 4054522 or cumulative update 4054519. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacke...

8.5CVSS7.9AI score0.64164EPSS
Exploits22References17
Rows per page
Query Builder