VDB
CVE-2017-0224
CVE-2017-0224
PUBLISHED
CVSS 7.599999904632568 HIGH
A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.
EPSS 27.58% · 96.5th percentile
Risk Scores
CVSS 2.0
7.599999904632568
EPSS Score
27.58%
96.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corporation | Microsoft Edge | Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems. |
| NuGet | Microsoft.ChakraCore | 0 |
| microsoft | edge |
Exploit Intelligence
Timeline
- May 10, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 6, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0224 url
- 98214 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2017-0224 advisory
- https://github.com/chakra-core/ChakraCore/pull/2959 url
- https://github.com/chakra-core/ChakraCore/commit/f022afb8246acc98e74a887bb655ac512caf6e72 url
- https://github.com/chakra-core/ChakraCore package
- https://web.archive.org/web/20210124043822/http://www.securityfocus.com/bid/98214 url
- https://helpx.adobe.com/security/products/flash-player/apsb17-15.html advisory
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/bc365363-f51e-e711-80da-000d3a32fc99 advisory