Lucene search
K

14 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 1:6 a.m.21 views

ChakraCore RCE Vulnerability

ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.6CVSS7.4AI score0.6546EPSS
Exploits3References8Affected Software1
seebug.org
seebug.org
added 2018/01/22 12:0 a.m.37 views

Microsoft Edge: Chakra: JavascriptGeneratorFunction::GetPropertyBuiltIns exposes scriptFunction(CVE-2017-11914)

Here's a snippet of the method. bool JavascriptGeneratorFunction::GetPropertyBuiltInsVar originalInstance, PropertyId propertyId, Var value, PropertyValueInfo info, ScriptContext requestContext, BOOL result if propertyId == PropertyIds::length ... int len = 0; Var varLength; if...

7.6CVSS7.8AI score0.62646EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/01/17 12:0 a.m.41 views

Microsoft Edge Chakra JavascriptGeneratorFunction::GetPropertyBuiltIns Exposure

Microsoft Edge: Chakra: JavascriptGeneratorFunction::GetPropertyBuiltIns exposes scriptFunction CVE-2017-11914 Here's a snippet of the method. bool JavascriptGeneratorFunction::GetPropertyBuiltInsVar originalInstance, PropertyId propertyId, Var value, PropertyValueInfo info, ScriptContext...

7.6CVSS7.9AI score0.62646EPSS
Exploits4
Circl
Circl
added 2018/01/17 12:0 a.m.11 views

CVE-2017-11914

creationtimestamp| type| source ---|---|--- 2018-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43713...

7.6CVSS7.7AI score0.62646EPSS
Exploits4References1
Prion
Prion
added 2017/12/12 9:29 p.m.22 views

Memory corruption

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due t...

7.6CVSS7.5AI score0.68491EPSS
Exploits25References3Affected Software2
Prion
Prion
added 2017/12/12 9:29 p.m.22 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet...

7.6CVSS7.5AI score0.68491EPSS
Exploits28References4Affected Software1
Prion
Prion
added 2017/12/12 9:29 p.m.13 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer...

7.6CVSS7.5AI score0.68491EPSS
Exploits28References3Affected Software1
Prion
Prion
added 2017/12/12 9:29 p.m.27 views

Memory corruption

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi...

7.6CVSS7.5AI score0.68491EPSS
Exploits28References3Affected Software1
Prion
Prion
added 2017/12/12 9:29 p.m.22 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet...

7.6CVSS7.5AI score0.68491EPSS
Exploits28References4Affected Software1
Prion
Prion
added 2017/12/12 9:29 p.m.18 views

Memory corruption

ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.6CVSS7.6AI score0.68491EPSS
Exploits28References4Affected Software1
Prion
Prion
added 2017/12/12 9:29 p.m.18 views

Memory corruption

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the sam...

7.6CVSS7.4AI score0.68491EPSS
Exploits28References4Affected Software2
CVE
CVE
added 2017/12/12 9:0 p.m.103 views

CVE-2017-11914

CVE-2017-11914 concerns a memory handling issue in the ChakraCore scripting engine used by ChakraCore and Microsoft Edge on Windows 10 (versions 1511, 1607, 1703, 1709) and Windows Server 2016. The root cause is described as how the scripting engine handles objects in memory, leading to a memory ...

7.6CVSS7.6AI score0.62646EPSS
Exploits4References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.250 views

KB4053579: Windows 10 Version 1607 and Windows Server 2016 December 2017 Security Update

The remote Windows host is missing security update 4053579. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a wa...

9.8CVSS7.9AI score0.68491EPSS
Exploits38References26
Check Point Advisories
Check Point Advisories
added 2017/12/12 12:0 a.m.9 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11914)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge improperly accesses objects in memory. Successful exploitation of this vulnerability can achieve Remote Code Execution...

7.6CVSS8.1AI score0.62646EPSS
Exploits4
Rows per page
Query Builder