CVE-2017-11799 in Edge

Summary

by MITRE

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.


Analysis

by VulDB Data Team • 12/20/2025

The vulnerability identified as CVE-2017-11799 is a critical memory corruption issue in the Microsoft ChakraCore JavaScript engine and the Microsoft Edge browser across multiple Windows operating system versions. The flaw lies in the scripting engine's handling of objects in memory and creates a pathway for remote code execution. The vulnerability affects Windows 10 versions 1511, 1607, 1703, and Windows Server 2016, which makes it particularly concerning given the widespread adoption of these platforms. The memory corruption occurs during the processing of objects within the JavaScript runtime environment, specifically when the engine fails to properly validate or manage memory allocation for dynamically created objects. This type of vulnerability is classified under CWE-125 ("Out-of-bounds Read") and aligns with ATT&CK technique T1059.007, "Command and Scripting Interpreter: JavaScript", which describes how attackers can leverage scripting engines to execute malicious code.

The operational impact of this vulnerability extends beyond simple code execution, as it allows attackers to operate with the privileges of the current user context, potentially enabling further escalation attacks. When exploited, the memory corruption can lead to arbitrary code execution that may result in complete system compromise, data exfiltration, or persistent backdoor installation. The attack surface is broad since it affects both the ChakraCore engine used in Edge and other applications that rely on this JavaScript engine for scripting functionality. Attackers can craft malicious web pages or documents that trigger the vulnerable code path when processed by the browser, making this a significant concern for enterprise environments where users frequently encounter untrusted web content. The vulnerability's exploitation requires careful manipulation of memory structures and object handling within the JavaScript engine, demonstrating the sophisticated nature of modern browser-based attacks.

Mitigation strategies for CVE-2017-11799 should focus on immediate patching of affected systems, as Microsoft released security updates that address the memory corruption issue in the ChakraCore engine. Organizations should implement browser hardening measures including disabling unnecessary scripting capabilities, implementing content security policies, and deploying sandboxing mechanisms to limit the impact of potential exploitation. Network-level defenses such as web application firewalls and intrusion detection systems can help detect and block malicious payloads targeting this vulnerability. The ATT&CK framework suggests implementing behavioral monitoring to detect anomalous JavaScript execution patterns that might indicate exploitation attempts. Additionally, regular security assessments and vulnerability scanning should be conducted to identify any remaining unpatched systems within the organization. Security teams should also consider implementing user education programs to reduce the risk of social engineering attacks that might deliver malicious content triggering this vulnerability, as the attack often occurs through compromised websites or malicious email attachments.

Reservation

07/31/2017

Disclosure

10/13/2017

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.78672

KEV

no

Activities

very low

Sources
