Lucene search
Li Kemeng of Baidu Security LabZDI-16-689HistoryJun 21, 2017 - 12:00 a.m.
Microsoft Internet Explorer Array.splice Memory Corruption Remote Code Execution Vulnerability
2017-06-2100:00:00
Li Kemeng of Baidu Security Lab
www.zerodayinitiative.com
12
0.66 Medium
EPSS
Percentile
97.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the JavaScript method Array.splice. By performing actions in JavaScript an attacker can corrupt the state of a JavaScript array. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Related
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2016-11-08 08:00:00
exploitpack
exploitpack
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
2016-11-21 00:00:00
zdt
zdt
Microsoft Edge - Array.reverse Overflow Exploit
2016-11-19 00:00:00
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129) Exploit
2016-11-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Scripting Engine Memory Corruption (MS16-129: CVE-2016-7202)
2016-12-13 00:00:00
symantec
symantec
zdi
zdi
exploitdb
exploitdb
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
2016-11-21 00:00:00
thn
thn
Microsoft releases 12 Security Updates; Including 6 Critical Patches
2016-12-14 01:07:00
threatpost
threatpost
Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities
2016-12-13 15:27:58
mskb
mskb
MS16-144: Security update for Internet Explorer: December 13, 2016
2016-12-13 08:00:00
Security update 2016-12-13
2016-12-13 08:00:00
cve
cve
prion
prion
Memory corruption
2016-11-10 06:59:00
Memory corruption
2016-11-10 06:59:00
Memory corruption
2016-11-10 06:59:00
osv
osv
ChakraCore RCE Vulnerability
2022-05-14 02:22:42
ChakraCore RCE Vulnerability
2022-05-14 02:22:42
ChakraCore RCE Vulnerability
2022-05-14 02:22:18
github
github
ChakraCore RCE Vulnerability
2022-05-14 02:22:41
ChakraCore RCE Vulnerability
2022-05-14 02:22:42
ChakraCore RCE Vulnerability
2022-05-14 02:22:42
cvelist
cvelist
attackerkb
attackerkb
nvd
nvd
nessus
nessus
MS16-144: Cumulative Security Update for Internet Explorer (3204059)
2016-12-13 00:00:00
MS16-129: Cumulative Security Update for Microsoft Edge (3199057)
2016-11-08 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (3204059)
2016-12-14 00:00:00
Microsoft Edge Multiple Vulnerabities (3199057)
2016-11-09 00:00:00
kaspersky
kaspersky
KLA10900 Multiple vulnerabilities in Microsoft Browser
2016-11-08 00:00:00
KLA10897 Multiple vulnerabilities in Microsoft Windows
2016-11-08 00:00:00
KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)
2016-11-08 00:00:00