cbcvebase.
CVE-2017-8740
published 2017-09-13

CVE-2017-8740: Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft…

Priority: P269 · high · 7.5 (CVSS 3.0)
CVSS 3.0 vector: AV:N / AC:H / PR:N / UI:R / S:U / C:H / I:H / A:H

EXPLOIT
EPSS: 72.17% (99.4th percentile)
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, CVE-2017-8756, and CVE-2017-11764.

Affected

3 ranges

Vendor | Product | Version range | Fixed in
microsoft_corporation | microsoft_edge | |
msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | |

Detection & IOCs (extracted from sources)

URL: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4038788
  • PoC triggers OOB write via deferred parsing scope bug in Microsoft Edge Chakra engine; look for JavaScript patterns using default parameter expressions containing nested functions with `with ({})` and a named function expression where the name is referenced inside the body, combined with high-iteration loops (e.g., 0x10000 iterations).
  • The vulnerability is specific to Microsoft Edge's Chakra engine when deferred parsing is active (enabled by default in Edge); the bug causes emission of incorrect opcode `Js::OpCode::StLocalSlot` instead of the correct slot store when only `paramScope->GetIsObject()` is true — monitor for Edge scripting engine crashes or memory corruption in scenarios involving named function expressions with default parameters.
  • Exploit status at time of patch: publicly disclosed = No, exploited in the wild = No, but rated "Exploitation More Likely" for the latest software release; no rating was provided for older software releases.
  • The vulnerability is scoped to the Microsoft Edge (HTML-based) scripting engine on Windows 10 1511, 1607, 1703, and Windows Server 2016; the deferred parsing feature that enables the bug is on by default in Edge.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc | | 4.2 | MEDIUM |