CVE-2016-7200

CVE Published 2016-11-10
Related CWE(s) CWE-787: Out-of-bounds Write, CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Related Vendor(s) microsoft
Related Product(s) edge
Exploitation Reported (CISA KEV) 2022-03-28
CVSS 3 Base Score 8.8 (HIGH)
CVSS 3 Attack Complexity LOW
CVSS 3 Attack Vector NETWORK

The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

Associated CAPEC Patterns

References