Описание
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
Ссылки
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.90138
Критический
8.8 High
CVSS3
7.6 High
CVSS2
Дефекты
CWE-843
CWE-843
Связанные уязвимости
fstec
больше 8 лет назад
Уязвимость браузера Microsoft Edge, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
Процентиль: 100%
0.90138
Критический
8.8 High
CVSS3
7.6 High
CVSS2
Дефекты
CWE-843
CWE-843