CVE-2017-11861
published 2017-11-15


Priority: P268 high
CVSS 3.0: 7.5 (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
EXPLOIT
EPSS: 64.19% (99.1th percentile)
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.

Affected

9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | | |
| msrc | chakracore | | |
| msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1709_for_32-bit_systems | | |
| msrc | microsoft_edge_on_windows_10_version_1709_for_x64-based_systems | | |
| msrc | microsoft_edge_on_windows_server_2016 | | |

Detection & IOCs (extracted from sources)

URL: https://bugs.chromium.org/p/project-zero/issues/detail?id=1343
  • PoC triggers a Uint32Array of size 0x1000 iterated up to 0x7fffffff in a tight loop writing 0x1234 — look for JIT compilation of loops with near-INT_MAX bounds in Edge/ChakraCore
  • Vulnerability is in Lowerer::LowerBoundCheck — integer overflow check uses IntConstMath::Add on a 64-bit pointer-sized type but the offset is consumed as 32-bit, bypassing overflow detection on 64-bit systems; monitor for JIT-compiled bound-check elimination anomalies in ChakraCore
  • Exploitation vector is a web-based attack via a specially crafted website targeting Microsoft Edge (HTML-based); monitor for drive-by script delivery through Edge processes
  • Exploit status rated 'Exploitation More Likely' for latest software release; prioritise detection on unpatched Edge/ChakraCore instances below v1.7.4
  • Patch is delivered via ChakraCore v1.7.4 and Windows Update KB4048954/KB4048953/KB4048955; systems not yet updated remain vulnerable
  • Affected platforms span Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server version 1709 running Microsoft Edge or ChakraCore

CVSS provenance

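| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
| ghsa | | 7.5 | HIGH | |
| osv | | 7.5 | HIGH | |
| vulncheck | | 7.5 | HIGH | |
| vendor_msrc | | 4.2 | MEDIUM | |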