100 matches found
CVE-2017-0132
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...
CVE-2017-0094
CVE-2017-0094 describes a remote code execution in Microsoft scripting engines when handling objects in memory in Microsoft browsers. The connected document CPAI-2018-0053 adds concrete details for CVE-2017-0134: a remote code execution in Microsoft Edge scripting engine due to memory handling of...
CVE-2017-0150
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...
CVE-2017-0151
Technical details for CVE-2017-0151 are not publicly available in the provided Connected documents. No affected products, root cause, or remediation are specified here. Monitor for updates from newer advisories or the NVD entry.
CVE-2017-0138
CVE-2017-0134 is described in a connected advisory as a remote code execution vulnerability in the Microsoft Edge scripting engine, caused by how it handles objects in memory. The advisory states that a remote, unauthenticated attacker could exploit this by enticing the target user to open a spec...
CVE-2017-0150
Technical details for CVE-2017-0150 are not provided in the connected documents. The Initial Description offers high‑level impact (memory corruption leading to remote code execution) but no concrete product/version/root-cause specifics are present.
CVE-2017-0067
CVE-2017-0134 is a remote code execution flaw in the Microsoft Edge scripting engine, caused by memory handling issues when rendering objects in memory. The vulnerability could allow an attacker to execute arbitrary code in the context of the current user if the target is enticed to open a specia...
CVE-2017-0133
Technical details for CVE-2017-0133 are not present in the connected documents; the initial entry describes a remote code execution in Microsoft scripting engines, but no vendor/version/root-cause specifics are provided here. Monitor for updates.
CVE-2017-0136
CVE-2017-0134 is a remote code execution vulnerability in the Microsoft scripting engines used by Microsoft Edge/IE, caused by how objects in memory are handled by the scripting engine. The CPAI-2018-0053 advisory notes an exploit vector where a remote attacker could lure a user to open a special...
CVE-2017-0070
CVE-2017-0134 (Microsoft Edge Scripting Engine) is a remote code execution vulnerability caused by memory corruption when handling objects in memory in the scripting engine. The issue allows a remote attacker to entice a user to open a crafted page, potentially gaining the same user rights as the...
CVE-2017-0131
CVE-2017-0131 describes a remote code execution in Microsoft scripting engines when rendering objects in memory in Microsoft browsers. The root cause is memory corruption during object handling in the scripting engine, allowing an attacker to execute arbitrary code in the context of the current u...
CVE-2017-0071
CVE-2017-0134 is tied to a remote code execution vulnerability in Microsoft Edge’s scripting engine, arising from how in-memory objects are handled. The checkpoint advisory CPAI-2018-0053 states that a remote, unauthenticated attacker could lure a user to a crafted page to trigger memory corrupti...
PT-2017-1514 · Microsoft · Browsers +1
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Microsoft browsers affected versions not specified Description: The issue is related to insufficient access restrictions to certain functions in Microsoft browsers, which could allow a remote...
Memory corruption
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296...
CVE-2016-7287
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
CVE-2016-7288
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297...
CVE-2016-7227
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."...
CVE-2016-7227
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."...
CVE-2016-7202
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra...
Memory corruption
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra...