PT-2017-18458 · Microsoft · Windows 10+2

Published

2017-08-08

Updated

2022-05-17

CVE-2017-8659

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Edge in Microsoft Windows 10 version 1703

Description An information disclosure issue exists due to the Chakra scripting engine not properly handling objects in memory. This could allow an attacker to obtain information to further compromise the user's system.

Recommendations For Microsoft Edge in Microsoft Windows 10 version 1703, update the Chakra scripting engine to a version that properly handles objects in memory to prevent information disclosure.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-8659

GHSA-H6M7-JPHX-F9P5

Affected Products

Chakra Scripting Engine

Edge

Windows 10

PT-2017-18458 · Microsoft · Windows 10+2

CVE-2017-8659

Weakness Enumeration

Related Identifiers

Affected Products

References · 11