CVE-2017-8601

creationtimestamp| type| source ---|---|--- 2017-08-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42479...

Microsoft Edge Chakra Incorrect Jit Optimization

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter 3 CVE-2017-8601 Coincidentally, Microsoft released the patch for the issue 1290 the day after I reported it. But it seems they fixed it incorrectly again. This time, "funca, b, i;" is replaced with "funca, b, ;". PoC: 'use...

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter #3(CVE-2017-8601)

Coincidentally, Microsoft released the patch for the issue 1290 the day after I reported it. But it seems they fixed it incorrectly again. This time, "funca, b, i;" is replaced with "funca, b, ;". PoC: 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main...

Memory corruption

Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption...

Memory corruption

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory...

Memory corruption

Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Internet Explorer, aka...

Memory corruption

Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript...

CVE-2017-8601

CVE-2017-8601 is a vulnerability in the Microsoft Edge Scripting Engine on Windows 10 (Gold/1511/1607/1703) and Windows Server 2016. The root cause is memory handling during rendering of objects in the JavaScript engine, causing memory corruption that could allow an attacker to execute arbitrary ...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8601)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system...

Microsoft Edge CVE-2017-8601 Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...