High severity7.5NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026
CVE-2017-0235
CVE-2017-0235
Description
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.4.4 | 1.4.4 |
Affected products
3- Microsoft Corporation/Microsoft Edgev5Range: Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems.
Patches
Vulnerability mechanics
References
7- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0235nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/98230nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-rm8g-7g54-w6fhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-0235ghsaADVISORY
- github.com/chakra-core/ChakraCore/commit/f022afb8246acc98e74a887bb655ac512caf6e72ghsaWEB
- github.com/chakra-core/ChakraCore/pull/2959ghsaWEB
- web.archive.org/web/20210124044045/http://www.securityfocus.com/bid/98230ghsaWEB
News mentions
0No linked articles in our index yet.