High severity8.8CISA KEVNVD Advisory· Published Nov 10, 2016· Updated Jun 17, 2026
CVE-2016-7200
CVE-2016-7200
Description
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.2.2 | 1.2.2 |
Affected products
2Patches
Vulnerability mechanics
References
15- docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129nvdPatchVendor AdvisoryWEB
- www.exploit-db.com/exploits/40785/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/40990/nvdExploitThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/140382/Microsoft-Edge-chakra.dll-Information-Leak-Type-Confusion.htmlnvdThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/bid/93968nvdBroken LinkThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/id/1037245nvdBroken LinkThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-5whg-j5fv-xcm2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-7200ghsaADVISORY
- github.com/chakra-core/ChakraCore/commit/c2787ef8fdb7401922e9ec6540e4e5895d11c631ghsaWEB
- github.com/chakra-core/ChakraCore/pull/1982ghsaWEB
- web.archive.org/web/20210123184454/http://www.securityfocus.com/bid/93968ghsaWEB
- web.archive.org/web/20211126224744/http://www.securitytracker.com/id/1037245ghsaWEB
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government ResourceWEB
- www.exploit-db.com/exploits/40785ghsaWEB
- www.exploit-db.com/exploits/40990ghsaWEB
News mentions
0No linked articles in our index yet.