CVE-2017-8755
published 2017-09-13

Priority: P269 · high · 7.5 (CVSS 3.0)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 71.27% (99.3th percentile)

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8756, and CVE-2017-11764.

Affected

8 ranges
Vendor | Product | Version range | Fixed in
microsoft_corporation | microsoft_edge | |
msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_32-bit_systems | |
msrc | microsoft_edge_on_windows_10_version_1703_for_x64-based_systems | |
msrc | microsoft_edge_on_windows_server_2016 | |

Detection & IOCs (extracted from sources)

  • Trigger condition: stack exhaustion inside a try/catch causes JavascriptFunction::ReparseAsmJsModule to re-parse an already-reset (invalid) function body, leading to memory corruption in Microsoft Edge's Chakra engine
  • PoC JavaScript pattern to detect in network/proxy inspection: recursive function exhausting the stack combined with an asm.js Module call inside the catch block — look for the pattern recur()->catch->Module(1) in script content delivered to Edge
  • Vulnerability class is Scripting Engine Memory Corruption in Microsoft Edge (HTML-based) via object handling in memory; scope detection to Edge user-agent web traffic delivering crafted JavaScript with asm.js modules
  • Exploit is publicly disclosed; prioritize detection on unpatched Windows 10 1511/1607/1703 and Windows Server 2016 Edge instances
  • The root cause is that JavascriptFunction::ReparseAsmJsModule does not handle exceptions thrown by functionInfo->Parse(functionRef), leaving the function body in a reset/invalid state. Any detection must account for the fact that the exploit requires both an asm.js module and a stack-overflow exception path; benign deep recursion alone is not sufficient.
  • CVE-2017-8755 is specific to Microsoft Edge (HTML-based / Chakra engine); do not conflate with the broader list of co-disclosed Scripting Engine CVEs (CVE-2017-8649, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8756, CVE-2017-11764, CVE-2017-8660) which share the same vulnerability class but are distinct issues.

CVSS provenance

nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc | | 4.2 | MEDIUM |