Msrc Microsoft Edge vulnerabilities

CVE-2017-11837 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current u

CVE-2017-8750 [HIGH] Microsoft Browser Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the cur

CVE-2017-8748 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8741 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8736 [MEDIUM] Microsoft Browser Information Disclosure Vulnerability Microsoft Browser Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in Microsoft browsers due to improper parent domain verification in certain functionality. An attacker who successfully exploited the vulnerability could obtain specific information that is used in the parent domain. To exploit the vulnerability, an attacker must have access to host malicious content on a

CVE-2017-8669 [HIGH] Microsoft Browser Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way Microsoft browsers handle objects in memory while rendering content. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current u

CVE-2017-8641 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8635 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8636 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8653 [HIGH] Microsoft Browser Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the cur

CVE-2017-8592 [MEDIUM] Microsoft Browser Security Feature Bypass Vulnerability Microsoft Browser Security Feature Bypass Vulnerability Description: A security feature bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. The vulnerability allows Microsoft browsers to bypass CORS redirect restrictions, and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data t

CVE-2017-8606 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8608 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8607 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8602 [MEDIUM] Microsoft Browser Spoofing Vulnerability Microsoft Browser Spoofing Vulnerability Description: A spoofing vulnerability exists when Microsoft browsers do not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the v

CVE-2017-8522 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-8529 [MEDIUM] Microsoft Browser Information Disclosure Vulnerability Microsoft Browser Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability. In addition,

CVE-2017-8524 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-0228 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website tha

CVE-2017-0231 [MEDIUM] Microsoft Browser Spoofing Vulnerability Microsoft Browser Spoofing Vulnerability Description: A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could then either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulne