CVE-2017-0235
Description
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka Scripting Engine Memory Corruption Vulnerability. This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
27.041
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Browser Spoofing Vulnerability for Windows 10 Version 1703 for x64-based Systems - WannaCrypt Ransomware Fix(KB4016871) - Cumulative | Windows |
| Microsoft Browser Spoofing Vulnerability for Windows 10 Version 1703 for x86-based Systems - WannaCrypt Ransomware Fix(KB4016871) - Cumulative | Windows |
| Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore 1.4.4 | Windows |
| Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore for Linux 1.4.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234