vulnerability

Microsoft Windows: CVE-2017-0235: Scripting Engine Memory Corruption Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	May 9, 2017	May 9, 2017	Sep 3, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

May 9, 2017

Added

May 9, 2017

Modified

Sep 3, 2025

Description

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0236, and CVE-2017-0238.

Solution

microsoft-windows-windows_10-1703-kb4016871

References

BID-98230
CVE-2017-0235
https://attackerkb.com/topics/CVE-2017-0235
CWE-119
https://support.microsoft.com/help/4016871

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report