Lucene search
K

8 matches found

seebug.org
seebug.org
added 2018/01/22 12:0 a.m.46 views

Microsoft Edge: Chakra: OOB read in AppendLeftOverItemsFromEndSegment(CVE-2018-0767)

Here's a snippet of AppendLeftOverItemsFromEndSegment in JavascriptArray.inl. growby = endSeg-length; current = current-GrowByMinrecycler, growby; CopyArraycurrent-elements + endIndex + 1, endSeg-length, Js::SparseArraySegmentendSeg-elements, endSeg-length;...

2.6CVSS5.8AI score0.65467EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2018/01/15 12:0 a.m.3 views

Microsoft Edge Out Of Bounds Read Information Disclosure (CVE-2018-0767)

An out of bounds read information disclosure vulnerability exists within Microsoft Edge. This is due to the way Microsoft Edge handles array segments in certain Javascript methods. A successful attack could lead to stolen information...

2.6CVSS5.2AI score0.65467EPSS
Exploits1
Circl
Circl
added 2018/01/11 12:0 a.m.16 views

CVE-2018-0767

creationtimestamp| type| source ---|---|--- 2018-01-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43522...

5.3CVSS6.8AI score0.65467EPSS
Exploits1References1
Prion
Prion
added 2018/01/04 2:29 p.m.17 views

Information disclosure

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". Th...

2.6CVSS4.9AI score0.65467EPSS
Exploits5References4Affected Software1
OSV
OSV
added 2018/01/04 2:29 p.m.19 views

CVE-2018-0767

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE...

5.3CVSS5.1AI score0.65467EPSS
Exploits1References4
CVE
CVE
added 2018/01/04 2:0 p.m.89 views

CVE-2018-0767

CVE-2018-0767 affects Microsoft Edge on Windows 10 (versions 1511, 1607, 1703, 1709) and Windows Server 2016. The vulnerability stems from how the Scripting Engine handles objects in memory , enabling an attacker to perform an information-disclosure attack. Public references describe it as the Ed...

5.3CVSS5AI score0.65467EPSS
Exploits1References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.186 views

KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

7.8CVSS8.2AI score0.93838EPSS
Exploits44References28
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.613 views

KB4056892: Windows 10 Version 1709 and Windows Server Version 1709 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056892 or 4073291. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

7.8CVSS8.2AI score0.93838EPSS
Exploits56References36
Rows per page
Query Builder