High severity7.5NVD Advisory· Published Nov 15, 2017· Updated May 13, 2026

CVE-2017-11870

Description

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
Microsoft.ChakraCoreNuGet	< 1.7.4	1.7.4

Affected products

Microsoft Corporation/ChakraCore, Microsoft Edgev5
Range: Windows 10 1703, 1709, and Windows Server, version 1709.
Microsoft/Chakracore
cpe:2.3:a:microsoft:chakracore:-:*:*:*:*:*:*:*
Microsoft/Edge
cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Patches

b44ee8300ae0

[CVE-2017-11870] Edge - Exploitable write-AV when writing to a slot of a javascript null scope object. - Internal

https://github.com/chakra-core/ChakraCoreRajat DuaOct 20, 2017via ghsa

commit

1 file changed · +4 −0

lib/Parser/Parse.cpp+4 −0 modified

@@ -5194,6 +5194,10 @@ ParseNodePtr Parser::ParseFncDecl(ushort flags, LPCOLESTR pNameHint, const bool
             bool isRedecl = false;
             ParseNodePtr vardecl = CreateVarDeclNode(pnodeFnc->sxFnc.pnodeName->sxVar.pid, STVariable, false, nullptr, false, &isRedecl);
             vardecl->sxVar.isBlockScopeFncDeclVar = true;
+            if (vardecl->sxVar.sym->GetIsFormal())
+            {
+                GetCurrentFunctionNode()->sxFnc.SetHasAnyWriteToFormals(true);
+            }
             if (isRedecl)
             {
                 vardecl->sxVar.sym->SetHasBlockFncVarRedecl();

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11870nvdPatchVendor AdvisoryWEB
www.securityfocus.com/bid/101731nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039780nvdThird Party AdvisoryVDB Entry
github.com/advisories/GHSA-9f2p-wm46-6m5fghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2017-11870ghsaADVISORY
www.exploit-db.com/exploits/43182/nvdThird Party AdvisoryVDB Entry
github.com/chakra-core/ChakraCore/commit/b44ee8300ae03026d3c39cdbbfd32d410ac187f6ghsaWEB
github.com/chakra-core/ChakraCore/pull/4226ghsaWEB
web.archive.org/web/20210516131515/http://www.securityfocus.com/bid/101731ghsaWEB
web.archive.org/web/20210517135249/http://www.securitytracker.com/id/1039780ghsaWEB
www.exploit-db.com/exploits/43182ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.064
exploit	0.030
kev	0.000
patch	-0.070
ransomware	0.000