High severity7.5NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026
CVE-2017-0236
CVE-2017-0236
Description
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.4.4 | 1.4.4 |
Affected products
3- Microsoft Corporation/Microsoft Edgev5Range: Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems.
Patches
Vulnerability mechanics
References
9- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0236nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/98234nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-p3rw-88pp-w4jhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-0236ghsaADVISORY
- github.com/chakra-core/ChakraCore/commit/1ae7e3ce95515758b4cd7215cb4e48539a0f4031ghsaWEB
- github.com/chakra-core/ChakraCore/pull/2959ghsaWEB
- web.archive.org/web/20210125194440/http://www.securityfocus.com/bid/98234ghsaWEB
- web.archive.org/web/20211019191652/http://www.securitytracker.com/id/1038431ghsaWEB
- www.securitytracker.com/id/1038431nvd
News mentions
0No linked articles in our index yet.