7 matches found
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0770)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Edge Chakra JIT Incomplete Fix
Microsoft Edge: Chakra: JIT: Incomplete fix for issue 1365 CVE-2018-0770 It seems this is the patch for the bug. https://github.com/Microsoft/ChakraCore/pull/4226/commits/874551dd00ff6f404e593c7e0162efb54b953f5a The following two cases will bypass the fix. 1: function opt let obj = new...
CVE-2018-0770
creationtimestamp| type| source ---|---|--- 2018-02-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44075...
CVE-2018-0770
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
Memory corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2018-0770
CVE-2018-0770 is a remote code execution vulnerability in Microsoft Edge's scripting engine memory handling. The CPAI-2018-0134 advisory states a remote unauthenticated attacker could exploit this by enticing a user to open a specially crafted webpage, affecting Edge on Windows 10 releases (Gold,...
KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...