Vulnerability Details CVE-2017-11802
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.74
EPSS Ranking 98.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.6
References
- http://www.securityfocus.com/bid/101130
- http://www.securitytracker.com/id/1039529
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11802
- https://www.exploit-db.com/exploits/43000/
- http://www.securityfocus.com/bid/101130
- http://www.securitytracker.com/id/1039529
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11802
- https://www.exploit-db.com/exploits/43000/
Products affected by CVE-2017-11802
-
cpe:2.3:a:microsoft:chakracore:-
-
cpe:2.3:a:microsoft:chakracore:1.2.0
-
cpe:2.3:a:microsoft:chakracore:1.2.0.0
-
cpe:2.3:a:microsoft:chakracore:1.2.1
-
cpe:2.3:a:microsoft:chakracore:1.2.2
-
cpe:2.3:a:microsoft:chakracore:1.2.3
-
cpe:2.3:a:microsoft:chakracore:1.3.0
-
cpe:2.3:a:microsoft:chakracore:1.3.1
-
cpe:2.3:a:microsoft:chakracore:1.3.2
-
cpe:2.3:a:microsoft:chakracore:1.4.0
-
cpe:2.3:a:microsoft:chakracore:1.4.1
-
cpe:2.3:a:microsoft:chakracore:1.4.2
-
cpe:2.3:a:microsoft:chakracore:1.4.3
-
cpe:2.3:a:microsoft:chakracore:1.4.4
-
cpe:2.3:a:microsoft:chakracore:1.4.5
-
cpe:2.3:a:microsoft:chakracore:1.5.0
-
cpe:2.3:a:microsoft:chakracore:1.5.1
-
cpe:2.3:a:microsoft:chakracore:1.5.2
-
cpe:2.3:a:microsoft:chakracore:1.5.3
-
cpe:2.3:a:microsoft:chakracore:1.6.0
-
cpe:2.3:a:microsoft:chakracore:1.6.1
-
cpe:2.3:a:microsoft:chakracore:1.6.2
-
cpe:2.3:a:microsoft:chakracore:1.7.0
-
cpe:2.3:a:microsoft:chakracore:1.7.1
-
cpe:2.3:a:microsoft:chakracore:1.7.2
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:a:microsoft:edge:108.0.1462.42
-
cpe:2.3:a:microsoft:edge:112.0.1722.34
-
cpe:2.3:a:microsoft:edge:114.0.1823.82
-
cpe:2.3:a:microsoft:edge:116.0.1938.98
-
cpe:2.3:a:microsoft:edge:117.0.2045.47
-
cpe:2.3:a:microsoft:edge:118.0.2088.88
-
cpe:2.3:a:microsoft:edge:122.0.2365.63
-
cpe:2.3:a:microsoft:edge:122.0.2365.92
-
cpe:2.3:a:microsoft:edge:123.0.2420.53
-
cpe:2.3:a:microsoft:edge:124.0.2478.105
-
cpe:2.3:a:microsoft:edge:124.0.2478.109
-
cpe:2.3:a:microsoft:edge:124.0.2478.121
-
cpe:2.3:a:microsoft:edge:124.0.2478.127
-
cpe:2.3:a:microsoft:edge:124.0.2478.131
-
cpe:2.3:a:microsoft:edge:124.0.2478.51
-
cpe:2.3:a:microsoft:edge:124.0.2478.67
-
cpe:2.3:a:microsoft:edge:124.0.2478.80
-
cpe:2.3:a:microsoft:edge:124.0.2478.97
-
cpe:2.3:a:microsoft:edge:125.0.2535.51
-
cpe:2.3:a:microsoft:edge:125.0.2535.67
-
cpe:2.3:a:microsoft:edge:125.0.2535.79
-
cpe:2.3:a:microsoft:edge:125.0.2535.85
-
cpe:2.3:a:microsoft:edge:125.0.2535.92
-
cpe:2.3:a:microsoft:edge:126.0.2592.102
-
cpe:2.3:a:microsoft:edge:126.0.2592.113
-
cpe:2.3:a:microsoft:edge:126.0.2592.56
-
cpe:2.3:a:microsoft:edge:126.0.2592.61
-
cpe:2.3:a:microsoft:edge:126.0.2592.68
-
cpe:2.3:a:microsoft:edge:126.0.2592.81
-
cpe:2.3:a:microsoft:edge:126.0.2592.87
-
cpe:2.3:a:microsoft:edge:127.0.2651.74
-
cpe:2.3:a:microsoft:edge:79.0.309.68
-
cpe:2.3:a:microsoft:edge:80.0.361.109
-
cpe:2.3:a:microsoft:edge:80.0.361.111
-
cpe:2.3:a:microsoft:edge:80.0.361.48
-
cpe:2.3:a:microsoft:edge:80.0.361.50
-
cpe:2.3:a:microsoft:edge:80.0.361.54
-
cpe:2.3:a:microsoft:edge:80.0.361.56
-
cpe:2.3:a:microsoft:edge:80.0.361.57
-
cpe:2.3:a:microsoft:edge:80.0.361.62
-
cpe:2.3:a:microsoft:edge:80.0.361.66
-
cpe:2.3:a:microsoft:edge:80.0.361.69
-
cpe:2.3:a:microsoft:edge:81.0.416.53
-
cpe:2.3:a:microsoft:edge:81.0.416.58
-
cpe:2.3:a:microsoft:edge:81.0.416.64
-
cpe:2.3:a:microsoft:edge:81.0.416.68
-
cpe:2.3:a:microsoft:edge:81.0.416.72
-
cpe:2.3:a:microsoft:edge:81.0.416.77
-
cpe:2.3:a:microsoft:edge:83.0.478.37
-
cpe:2.3:a:microsoft:edge:83.0.478.44
-
cpe:2.3:a:microsoft:edge:83.0.478.45
-
cpe:2.3:a:microsoft:edge:83.0.478.50
-
cpe:2.3:a:microsoft:edge:83.0.478.54
-
cpe:2.3:a:microsoft:edge:83.0.478.56
-
cpe:2.3:a:microsoft:edge:83.0.478.58
-
cpe:2.3:a:microsoft:edge:83.0.478.61
-
cpe:2.3:a:microsoft:edge:83.0.478.64
-
cpe:2.3:a:microsoft:edge:84.0.522.40
-
cpe:2.3:a:microsoft:edge:84.0.522.44
-
cpe:2.3:a:microsoft:edge:84.0.522.48
-
cpe:2.3:a:microsoft:edge:84.0.522.49
-
cpe:2.3:a:microsoft:edge:84.0.522.50
-
cpe:2.3:a:microsoft:edge:84.0.522.52
-
cpe:2.3:a:microsoft:edge:84.0.522.58
-
cpe:2.3:a:microsoft:edge:84.0.522.59
-
cpe:2.3:a:microsoft:edge:84.0.522.61
-
cpe:2.3:a:microsoft:edge:84.0.522.63
-
cpe:2.3:a:microsoft:edge:85.0.564.41
-
cpe:2.3:a:microsoft:edge:85.0.564.44
-
cpe:2.3:a:microsoft:edge:85.0.564.51
-
cpe:2.3:a:microsoft:edge:85.0.564.63
-
cpe:2.3:a:microsoft:edge:85.0.564.68
-
cpe:2.3:a:microsoft:edge:85.0.564.70
-
cpe:2.3:a:microsoft:edge:86.0.622.38
-
cpe:2.3:a:microsoft:edge:86.0.622.43
-
cpe:2.3:a:microsoft:edge:86.0.622.48
-
cpe:2.3:a:microsoft:edge:86.0.622.51
-
cpe:2.3:a:microsoft:edge:86.0.622.56
-
cpe:2.3:a:microsoft:edge:86.0.622.58
-
cpe:2.3:a:microsoft:edge:86.0.622.61
-
cpe:2.3:a:microsoft:edge:86.0.622.63
-
cpe:2.3:a:microsoft:edge:86.0.622.68
-
cpe:2.3:a:microsoft:edge:86.0.622.69
-
cpe:2.3:a:microsoft:edge:87.0.664.41
-
cpe:2.3:a:microsoft:edge:87.0.664.47
-
cpe:2.3:a:microsoft:edge:88.0.705.50
-
cpe:2.3:a:microsoft:edge:88.0.705.62
-
cpe:2.3:a:microsoft:edge:88.0.705.63
-
cpe:2.3:a:microsoft:edge:88.0.705.74
-
cpe:2.3:a:microsoft:edge:93.0.961.38
-
cpe:2.3:a:microsoft:edge:93.0.961.44
-
cpe:2.3:a:microsoft:edge:97.0.4692.99
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1511
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2016:20h2