Lucene search
K

9 matches found

seebug.org
seebug.org
added 2018/01/22 12:0 a.m.35 views

Microsoft Edge: Chakra: JIT: Incorrect bounds calculation(CVE-2018-0769)

Let's start with comments in the "GlobOpt::TrackIntSpecializedAddSubConstant" method. // Track bounds for add or sub with a constant. For instance, consider b = a + 2. The value of 'b' should track // that it is equal to the value of 'a' + 2. That part has been done above. Similarly, the value of...

7.6CVSS7.7AI score0.78954EPSS
Exploits4
Circl
Circl
added 2018/01/17 12:0 a.m.22 views

CVE-2018-0769

creationtimestamp| type| source ---|---|--- 2018-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43710 2018-01-17 07:18:26+00:00| published-proof-of-concept| https://t.me/antichat/651 2018-01-17 08:44:45+00:00| published-proof-of-concept| https://t.me/br0wsec/20...

7.6CVSS7.3AI score0.78954EPSS
Exploits4References3
Packet Storm
Packet Storm
added 2018/01/17 12:0 a.m.53 views

Microsoft Edge Chakra JIT Incorrect Bounds Calculation

Microsoft Edge: Chakra: JIT: Incorrect bounds calculation CVE-2018-0769 Let's start with comments in the "GlobOpt::TrackIntSpecializedAddSubConstant" method. // Track bounds for add or sub with a constant. For instance, consider b = a + 2. The value of 'b' should track // that it is equal to the...

0.2AI score0.78954EPSS
Exploits4
NVD
NVD
added 2018/01/04 2:29 p.m.18 views

CVE-2018-0769

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...

7.6CVSS7.5AI score0.78954EPSS
Exploits4References4
Cvelist
Cvelist
added 2018/01/04 2:0 p.m.30 views

CVE-2018-0769

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...

6.7AI score0.78954EPSS
Exploits4References4
CVE
CVE
added 2018/01/04 2:0 p.m.94 views

CVE-2018-0769

CVE-2018-0770 affects the Microsoft Edge scripting engine on Windows 10 (various builds) and Windows Server 2016, due to memory handling of in-memory objects in the scripting engine, leading to remote code execution in the context of the current user. A remote, unauthenticated attacker could enti...

7.6CVSS6.8AI score0.78954EPSS
Exploits4References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.186 views

KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

7.8CVSS8.2AI score0.93838EPSS
Exploits44References28
Check Point Advisories
Check Point Advisories
added 2018/01/04 12:0 a.m.4 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0769)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge accesses an object in memory. A remote attacker can exploit this vulnerability by enticing a target victim to open a specially crafted web page...

7.6CVSS7.6AI score0.78954EPSS
Exploits4
Symantec
Symantec
added 2018/01/03 12:0 a.m.34 views

Microsoft Edge Scripting Engine CVE-2018-0769 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...

7.6CVSS7.8AI score0.78954EPSS
Exploits4
Rows per page
Query Builder