New Search

Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-11874

oval:org.cisecurity:def:3627

Microsoft Edge in Microsoft Windows 10 1703 1709 Windows Server version 1709 and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system due to how Microsoft Edge handles accessing memory in code compiled by the Edge Just-In-Time (JIT) compiler aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11872.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
Class:
vulnerability
Reference(s):
  • CVE-2017-11874
Product(s):
  • Microsoft Edge