New Search

Scripting Engine Memory Corruption Vulnerability - CVE-2017-11838

oval:org.cisecurity:def:3620

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1 Windows Server 2008 R2 SP1 Windows 8.1 and Windows RT 8.1 Windows Server 2012 R2 and Microsoft Edge and Internet Explorer in Windows 10 Gold 1511 1607 1703 1709 Windows Server 2016 and Windows Server version 1709 allows an attacker to gain the same user rights as the current user due to how the scripting engine handles objects in memory aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836 CVE-2017-11837 CVE-2017-11839 CVE-2017-11840 CVE-2017-11841 CVE-2017-11843 CVE-2017-11846 CVE-2017-11858 CVE-2017-11859 CVE-2017-11861 CVE-2017-11862 CVE-2017-11866 CVE-2017-11869 CVE-2017-11870 CVE-2017-11871 and CVE-2017-11873.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2017-11838
Product(s):
  • Microsoft Edge
  • Microsoft Internet Explorer 11