9 matches found
Microsoft Edge: Chakra: JIT: Incorrect bounds calculation(CVE-2018-0769)
Let's start with comments in the "GlobOpt::TrackIntSpecializedAddSubConstant" method. // Track bounds for add or sub with a constant. For instance, consider b = a + 2. The value of 'b' should track // that it is equal to the value of 'a' + 2. That part has been done above. Similarly, the value of...
CVE-2018-0769
creationtimestamp| type| source ---|---|--- 2018-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43710 2018-01-17 07:18:26+00:00| published-proof-of-concept| https://t.me/antichat/651 2018-01-17 08:44:45+00:00| published-proof-of-concept| https://t.me/br0wsec/20...
Microsoft Edge Chakra JIT Incorrect Bounds Calculation
Microsoft Edge: Chakra: JIT: Incorrect bounds calculation CVE-2018-0769 Let's start with comments in the "GlobOpt::TrackIntSpecializedAddSubConstant" method. // Track bounds for add or sub with a constant. For instance, consider b = a + 2. The value of 'b' should track // that it is equal to the...
CVE-2018-0769
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2018-0769
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2018-0769
CVE-2018-0770 affects the Microsoft Edge scripting engine on Windows 10 (various builds) and Windows Server 2016, due to memory handling of in-memory objects in the scripting engine, leading to remote code execution in the context of the current user. A remote, unauthenticated attacker could enti...
KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0769)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge accesses an object in memory. A remote attacker can exploit this vulnerability by enticing a target victim to open a specially crafted web page...
Microsoft Edge Scripting Engine CVE-2018-0769 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...