Fwd: [CIVN-2020-0437] Chakra Scripting Engine Memory Corruption Vulnerability

Severity Rating: HIGH

Systems Affected

Microsoft Edge

Overview

A remote code execution vulnerability have been reported in Microsoft Edge

and ChakraCore scripting engine which could be exploited by an

unauthenticated remote attacker to execute arbitrary code on a targeted

system.

Description

This remote code execution vulnerabilities exist in Microsoft Edge and

ChakraCore scripting engine due to improper handling of memory objects. An

attacker could exploit this vulnerability by creating a specially crafted

web page and lure the user into viewing the webpage.

Successful exploitation of this vulnerability could allow a remote attacker

to execute arbitrary code on targeted system.

Solution

Apply appropriate patch as mentioned in Microsoft Security Guidance

https://portal.msrc.microsoft.com/en-us/security-guidance

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17131

References

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17131

CVE Name

CVE-2020-17131

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0437] Chakra Scripting Engine Memory Corruption Vulnerability

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive