Lucene search
Bee13oy of CloverSec LabsZDI-17-173HistoryMar 21, 2017 - 12:00 a.m.
Microsoft Edge JavaScript Parsing Uninitialized Pointer Remote Code Execution Vulnerability
2017-03-2100:00:00
bee13oy of CloverSec Labs
www.zerodayinitiative.com
12
0.182 Low
EPSS
Percentile
96.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JavaScript. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Related
symantec
symantec
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-03-14 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Scripting Engine Memory Corruption (MS17-007: CVE-2017-0067)
2017-03-14 00:00:00
cve
cve
veracode
veracode
Remote Code Execution (RCE)
2018-12-05 01:35:01
Remote Code Execution (RCE)
2018-12-05 01:35:52
Remote Code Execution (RCE)
2018-12-05 02:21:51
prion
prion
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
cvelist
cvelist
nvd
nvd
mskb
mskb
MS17-007: Cumulative security update for Microsoft Edge: March 14, 2017
2017-03-14 00:00:00
March 14, 2017âKB4013198 (OS Build 10586.839)
2017-03-14 07:00:00
March 14, 2017âKB4012606 (OS Build 10240.17319)
2017-03-14 07:00:00
kaspersky
kaspersky
KLA10968 Multiple vulnerabilities in Microsoft Edge
2017-03-14 00:00:00
KLA10967 Multiple vulnerabilities in Microsoft Browser
2017-03-14 00:00:00
nessus
nessus
MS17-007: Cumulative Security Update for Microsoft Edge (4013071)
2017-03-14 00:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (4013071)
2017-03-15 00:00:00