Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2016-7202

Published: 10/11/2016 Updated: 12/10/2018
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 770
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft edge

Exploits

Exploit DB: Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
<!-- Source: wwwsecurity-assessmentcom/files/documents/advisory/edge_chakra_mem_corruptionpdf Name: Microsoft Edge Scripting Engine Memory Corruption Vulnerability (MS16-129) CVE: CVE-2016-7202 Vendor Website: wwwmicrosoftcom/ Date Released: 09/11/2016 Affected Software: Microsoft Windows 10, Microsoft Windows Server 2016 Res ...
Exploit DB: Microsoft Edge - 'Array.reverse' Overflow
<!-- Source: bugschromiumorg/p/project-zero/issues/detail?id=925 There is an overflow when reversing arrays in Chakra On line 5112 of JavascriptArray::EntryReverse, the length of the array is fetched and stored It is then passed as a parameter into JavascriptArray::ReverseHelper, which then calls FillFromPrototypes, which can chang ...

References

CWE-119http://www.securityfocus.com/bid/94042http://www.zerodayinitiative.com/advisories/ZDI-16-593http://www.securitytracker.com/id/1037245https://www.exploit-db.com/exploits/40793/https://www.exploit-db.com/exploits/40786/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-144https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129https://nvd.nist.govhttps://www.exploit-db.com/exploits/40793/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519open redirectCVE-2024-21683cache poisoningCVE-2021-47524CVE-2021-47521CVE-2024-5229CVE-2021-47560local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook