CVE-2016-7201
Tags: HIGH, KEV, RANSOMWARE
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Type Confusion
Title source: LLM-generated
Exploitation Summary
CVE-2016-7201 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog (added March 28, 2022), with known use in ransomware campaigns. EIP tracks three public exploits, from Google Security Research, Brian Pak, and theori-io.
Description
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
Exploits (3), AI-analyzed summaries
This exploit leverages a type confusion in JavaScript arrays, reached through Proxy objects that manipulate array prototypes, to gain arbitrary memory access. The PoC demonstrates the issue by confusing an integer with a pointer during array operations.
This exploit chains a type confusion (CVE-2016-7200) with an information leak (CVE-2016-7201) in ChakraCore to achieve remote code execution; it demonstrates control by launching notepad.exe via WinExec.
This repository contains a working proof-of-concept exploit for CVE-2016-7201 that combines an information leak with a type confusion in Chakra (Edge's JavaScript engine) to achieve remote code execution. The exploit is delivered as an HTML file that triggers the vulnerability when loaded in Microsoft Edge.
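The bug class behind all three PoCs, shown with an added example that is not any of the exploits listed above and does not trigger CVE-2016-7201 (it runs safely in a current engine): a Proxy trap re-enters the engine in the middle of Array.prototype.filter and changes the element kind and length of the array the built-in is iterating. A spec-compliant engine re-checks every index after the trap returns; the constructed naiveFilter models a native loop that trusts a cached length instead, which is the pattern that turns into an out-of-bounds read or a type confusion once the native code also holds a raw pointer into the original integer storage. The function names (makeBacking, makeReentrantProxy, specFilter, naiveFilter) and the sample array are constructed for this illustration.

```javascript
'use strict';

// Constructed sample input: an array that starts out holding only small
// integers (the kind of storage an engine keeps as a packed int array).
function makeBacking() {
  return [1, 2, 3, 4];
}

// Wrap the array in a Proxy whose `get` trap mutates the array when the
// built-in asks for index 1: the element kind changes (int -> double and
// object) and the array shrinks. Both mutations happen while the built-in
// is still iterating over what it believes is the original storage.
function makeReentrantProxy(backing, events) {
  return new Proxy(backing, {
    get(target, prop, receiver) {
      events.push(String(prop));      // record every property the built-in reads
      if (prop === '1') {
        target[2] = 3.5;   // int -> double
        target[3] = {};    // int -> object
        target.length = 3; // drops index 3 entirely
      }
      return Reflect.get(target, prop, receiver);
    },
  });
}

// Spec-compliant path: Array.prototype.filter performs HasProperty/Get for
// every index, so it observes the shrink and never touches index 3.
function specFilter() {
  const events = [];
  const backing = makeBacking();
  const proxy = makeReentrantProxy(backing, events);
  const result = Array.prototype.filter.call(proxy, () => true);
  return { result, events, finalLength: backing.length };
}

// Model of a buggy native loop: the length is read once and cached, and each
// element is read without re-checking that it still exists or what kind it
// is. In JavaScript this only yields `undefined` for the vanished slot; in
// native code holding a stale pointer it is an out-of-bounds read, and the
// int-vs-object kind change is the type confusion.
function naiveFilter() {
  const events = [];
  const backing = makeBacking();
  const proxy = makeReentrantProxy(backing, events);
  const len = proxy.length;   // cached once; stale after the trap fires
  const result = [];
  for (let k = 0; k < len; k++) {
    result.push(proxy[k]);    // index 3 no longer exists after the trap
  }
  return { result, events, finalLength: backing.length };
}
```

Run under Node; specFilter() returns [1, 2, 3.5] because the built-in re-validates each index, while naiveFilter() returns a fourth, undefined element read past the array's new end. The trap order recorded in events shows that every index read passes through attacker-controlled code, which is exactly where the Chakra built-ins of this era failed to re-check the array's kind.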
References (8)
Scores
CVSS 3.1 base score 8.8 (High): CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H