VYPR
High severity7.5NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026

CVE-2017-0236

CVE-2017-0236

Description

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.ChakraCoreNuGet
< 1.4.41.4.4

Affected products

3
  • cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 1.4.4
  • Microsoft Corporation/Microsoft Edgev5
    Range: Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems.

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.