CVE-2016-7203

Published: 10/11/2016 Updated: 12/10/2018

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

The Chakra JavaScript scripting engine in Microsoft Edge allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft edge

<!-- Source: bugschromiumorg/p/project-zero/issues/detail?id=934 There is a heap overflow in Arraysplice in Chakra When an array is spliced, and overflow check is performed, but ArraySpeciesCreate, which can execute code and alter the array is called after this This can allow an Array with boundaries that cause integer overflows t ...

CWE-119 http://www.securityfocus.com/bid/94039 http://www.securitytracker.com/id/1037245 https://www.exploit-db.com/exploits/40787/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129 https://nvd.nist.gov https://www.exploit-db.com/exploits/40787/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-7203

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect