CVE-2017-8657
published 2017-08-08

Priority: P266 · high · 7.5 (CVSS 3.0)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 54.56% (98.9th percentile)
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Affected

11 ranges

Vendor | Product | Version range | Fixed in
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft_corporation | microsoft_scripting_engine | |
msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_server_2016 | |

Detection & IOCs (extracted from sources)

  • Vulnerability is triggered via a specially crafted website hosted by an attacker, targeting Microsoft browser JavaScript engines (Chakra/Microsoft Scripting Engine) through memory corruption when handling objects in memory during delayed compilation/source fetching.
  • Exploit can also be delivered via an ActiveX control marked 'safe for initialization' embedded in an application or Microsoft Office document hosting the related rendering engine — monitor for Office documents loading ActiveX/scripting engine content.
  • The out-of-bounds access occurs in Chakra's List.h during delayed compilation when fetching function source; in debug builds this triggers an assertion at List.h line 329 (index >= 0 && index < count). Monitor for Chakra/Edge crashes or illegal instruction signals as indicators of exploitation attempts.
  • The PoC JavaScript triggers the bug via asm.js module functions combined with a deopt object whose toString callback re-references the compiled function during delayed compilation — detect JavaScript containing 'use asm' combined with toString-based deoptimization callbacks passed to comparison operations.
  • Exploit status at time of advisory was 'Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation More Likely'; no in-the-wild exploitation confirmed at patch time, but exploitation was rated more likely.
  • The PoC is derived from a V8/Chrome test case minimized to demonstrate the Chakra issue; the root cause is an out-of-bounds read of the source buffer treated as a pointer, making it likely exploitable for code execution.
  • Affected scope is Microsoft Edge on Windows 10 1703 and Microsoft Scripting Engine; patches are referenced via KB4034674, KB4034660, and KB4034658.

CVSS provenance

nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc | | 4.2 | MEDIUM |