CVE-2017-8641

HIGH

Microsoft Edge and Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-8641. PoCs published by Huang Anwen, homjxi0e.

AI-analyzed exploit summary This exploit demonstrates a heap overflow vulnerability in Chakra (CVE-2017-8641) where a large string passed to eval causes an out-of-bounds write during UTF-8 encoding. The PoC triggers a crash in Microsoft Edge by exploiting incorrect buffer size calculations.

Description

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Exploits (2)

exploitdb WORKING POC
by Huang Anwen · htmldoswindows
https://www.exploit-db.com/exploits/42465

This exploit demonstrates a heap overflow vulnerability in Chakra (CVE-2017-8641) where a large string passed to eval causes an out-of-bounds write during UTF-8 encoding. The PoC triggers a crash in Microsoft Edge by exploiting incorrect buffer size calculations.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Edge (Chakra JavaScript engine)
No auth needed
Prerequisites: Target must be running a vulnerable version of Microsoft Edge
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP 1 stars
by homjxi0e · poc
https://github.com/homjxi0e/CVE-2017-8641_chakra_Js_GlobalObject

This repository contains a README describing CVE-2017-8641, a memory corruption vulnerability in Microsoft browser JavaScript engines. No exploit code is provided, only a description and an unrelated image.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Theoretical
Reliability
Theoretical
Target: Microsoft browsers (Edge, IE) on Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2012/R2, Windows 10 (various builds), Windows Server 2016
No auth needed
Prerequisites: Victim must visit a malicious webpage or open a malicious file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/100057
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039095
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42465/

Scores

CVSS v3 7.5
EPSS 0.7397
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (5)
microsoft/edge
microsoft/internet_explorer 9
microsoft/internet_explorer 10
microsoft/internet_explorer 11
Microsoft Corporation/Microsoft Scripting Engine Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server
Published Aug 08, 2017
Tracked Since Feb 18, 2026