CVE-2016-7202

Name of the Vulnerable Software and Affected Versions Microsoft Edge (affected versions not specified) Microsoft Internet Explorer (affected versions not specified) Microsoft Windows (affected versions not specified)

Description The issue is caused by a buffer overflow in the Chakra JavaScript engine of Microsoft Edge, allowing a remote attacker to execute arbitrary code or cause a denial of service by accessing a specially crafted website. The vulnerability can also corrupt memory when handling objects, enabling an attacker to execute arbitrary code in the context of the current user. If the user has administrative rights, the attacker could gain control of the system, install programs, view or modify data, or create new accounts with full user rights.

Recommendations For Microsoft Edge, consider disabling the Chakra JavaScript engine as a temporary workaround until a patch is available. For Microsoft Internet Explorer, restrict access to the Array.splice method to minimize the risk of exploitation. For Microsoft Windows, avoid using the reverse method in JavaScript until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.