Lucene search
AnonymousZDI-17-171HistoryMar 21, 2017 - 12:00 a.m.
Microsoft Windows JavaScript Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-03-2100:00:00
Anonymous
www.zerodayinitiative.com
15
0.182 Low
EPSS
Percentile
96.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the JavaScript spread operator as implemented in chakra.dll. By performing actions in JavaScript, an attacker can trigger an overflow of a stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Related
symantec
symantec
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-03-14 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0032)
2017-03-14 00:00:00
cve
cve
veracode
veracode
Remote Code Execution (RCE)
2018-12-05 01:48:56
Remote Code Execution (RCE)
2018-12-05 02:39:58
Remote Code Execution (RCE)
2018-12-05 02:07:53
prion
prion
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
cvelist
cvelist
nvd
nvd
mskb
mskb
MS17-007: Cumulative security update for Microsoft Edge: March 14, 2017
2017-03-14 00:00:00
March 14, 2017âKB4013198 (OS Build 10586.839)
2017-03-14 07:00:00
March 14, 2017âKB4012606 (OS Build 10240.17319)
2017-03-14 07:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (4013071)
2017-03-15 00:00:00
nessus
nessus
MS17-007: Cumulative Security Update for Microsoft Edge (4013071)
2017-03-14 00:00:00
kaspersky
kaspersky
KLA10968 Multiple vulnerabilities in Microsoft Edge
2017-03-14 00:00:00
KLA10967 Multiple vulnerabilities in Microsoft Browser
2017-03-14 00:00:00