Lucene search
AnonymousZDI-17-913HistoryNov 20, 2017 - 12:00 a.m.
Microsoft Chakra Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-11-2000:00:00
Anonymous
www.zerodayinitiative.com
13
0.043 Low
EPSS
Percentile
92.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the JavaScript spread operator. By performing actions in JavaScript, an attacker can trigger an overflow of a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
mscve
mscve
Microsoft Edge Memory Corruption Vulnerability
2017-07-11 07:00:00
symantec
symantec
threatpost
threatpost
Microsoft Patch Tuesday Update Fixes 19 Critical Vulnerabilities
2017-07-11 16:36:23
nvd
nvd
cvelist
cvelist
cve
cve
prion
prion
Memory corruption
2017-07-11 21:29:00
Memory corruption
2017-07-11 21:29:00
Memory corruption
2017-07-11 21:29:00
osv
osv
kaspersky
kaspersky
nessus
nessus
KB4025338: Windows 10 July 2017 Cumulative Update
2017-11-03 00:00:00
KB4025344: Windows 10 Version 1511 July 2017 Cumulative Update
2017-07-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4025338)
2017-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4025344)
2017-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4025339)
2017-07-12 00:00:00
mskb
mskb
July 11, 2017âKB4025338 (OS Build 10240.17488)
2017-07-11 07:00:00
July 11, 2017âKB4025344 (OS Build 10586.1007)
2017-07-11 07:00:00
July 11, 2017âKB4025339 (OS Build 14393.1480)
2017-07-11 07:00:00
talosblog
talosblog
Microsoft Patch Tuesday - July 2017
2017-07-11 12:59:00
trendmicroblog
trendmicroblog