Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8640)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge handles objects in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

Microsoft Edge: Chakra: Uninitialized arguments(CVE-2017-8640)

Here's a snippet of "ParseVariableDeclaration" which is used for parsing declarations. template ParseNodePtr Parser::ParseVariableDeclaration tokens declarationType, charcountt ichMin, BOOL fAllowIn/ = TRUE/, BOOL pfForInOk/ = nullptr/, BOOL singleDefOnly/ = FALSE/, BOOL allowInit/ = TRUE/, BOOL...

Microsoft Edge Chakra Uninitialized Arguments Exploit

Microsoft Edge Chakra suffers from an uninitialized arguments vulnerability. Microsoft Edge: Chakra: Uninitialized arguments CVE-2017-8640 Here's a snippet of "ParseVariableDeclaration" which is used for parsing declarations. template ParseNodePtr Parser::ParseVariableDeclaration tokens...

Microsoft Edge Chakra Uninitialized Arguments

Microsoft Edge: Chakra: Uninitialized arguments CVE-2017-8640 Here's a snippet of "ParseVariableDeclaration" which is used for parsing declarations. template ParseNodePtr Parser::ParseVariableDeclaration tokens declarationType, charcountt ichMin, BOOL fAllowIn/ = TRUE/, BOOL pfForInOk/ = nullptr/...

Memory corruption

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

Memory corruption

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique...

Memory corruption

Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption...

CVE-2017-8640

CVE-2017-8640 is a Microsoft Edge scripting engine memory corruption vulnerability in Windows 10 (Gold/1511/1607/1703) and Windows Server 2016. The issue arises when rendering objects in memory, allowing an attacker to execute arbitrary code in the context of the current user. The connected advis...