RULE(RULE ID:321895)

Rule General Information
Release Date: 2019-06-20
Rule Name: Microsoft Internet Explorer Jscript RegExpComp Compile Buffer Overflow Vulnerability (CVE-2017-11890)
Severity:
CVE ID:
Rule Protection Details
Description: Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.
Impact: A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service.
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others
Reference: SecurityFocusBID:102082
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11890
SecurityTrackerID:1039991
ExploitDB:43369
Solutions
The vendors have released upgrade patches to fix vulnerabilities, please visit:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11890