Rule Category

Alert Message

Rule Explanation

This event is generated when a specially crafted JavaScript file is detected that can cause an Out-of-Bounds read or write in certain versions of Microsoft Chakra JavaScript engine. Impact: Attempted Denial of Service Details: A bug exists in certain versions of Microsoft's Chakra JavaScript engine which allows a specially crafted JavaScript file to access Out-of-Bounds memory by exploiting a bug in the optimization phase to avoid bounds checking on a loop iterator. Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Additional Links

CVE Additional Information