CVE-2017-11894

EPSS 32.05% · P97 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-11894

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows Edge和Internet Explorer和Microsoft ChakraCore 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows 7 SP1等都是美国微软（Microsoft）公司发布的操作系统。Edge和Internet Explorer（IE）都是其中的浏览器。前者是最新操作系统Windows 10附带的默认浏览器，后者是Windows 10之前操作系统附带的默认浏览器。ChakraCore是使用在其中的一个开源的JavaScript引擎的核心部分，也可作为单独的JavaScript引擎使用。 Microsoft Windows中的Edge和IE 9、10、11和Microsoft Chakr

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Microsoft Corporation	ChakraCore, Microsoft Edge, Internet Explorer	Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.	-

II. Public POCs for CVE-2017-11894

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-11894

Please Login to view more intelligence information

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11894x_refsource_CONFIRM
http://www.securityfocus.com/bid/102053vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039991vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1039990vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-11894

Same Patch Batch · Microsoft Corporation · 2017-12-12 · 32 CVEs total

CVE-2017-11909		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11939		Microsoft Office 2016 Click-to-Run 信息泄露漏洞
CVE-2017-11936		Microsoft SharePoint Enterprise Server 权限许可和访问控制问题漏洞
CVE-2017-11935		Microsoft Office 2016 Click-to-Run 安全漏洞
CVE-2017-11934		Microsoft Office 信息泄露漏洞
CVE-2017-11932		Microsoft Exchange Server 安全漏洞
CVE-2017-11930		Microsoft Windows Internet Explorer和Microsoft ChakraCore 安全漏洞
CVE-2017-11927		Microsoft Windows 安全漏洞
CVE-2017-11919		Microsoft Windows Edge和Internet Explorer和Microsoft ChakraCore 信息泄露漏洞
CVE-2017-11918		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11916		Microsoft ChakraCore 安全漏洞
CVE-2017-11914		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11913		Microsoft Windows Internet Explorer Scripting引擎安全漏洞
CVE-2017-11912		Microsoft Windows Edge和Internet Explorer 安全漏洞
CVE-2017-11911		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11910		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11885		Microsoft Windows RPC 安全漏洞
CVE-2017-11908		Microsoft Windows Edge和Microsoft ChakraCore 安全漏洞
CVE-2017-11907		Microsoft Windows Internet Explorer scripting引擎安全漏洞
CVE-2017-11906		Microsoft Windows Internet Explorer scripting引擎信息泄露漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: ChakraCore, Microsoft Edge, Internet Explorer

Same vendor: Microsoft Corporation

V. Comments for CVE-2017-11894

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-11894

I. Basic Information for CVE-2017-11894

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-11894

III. Intelligence Information for CVE-2017-11894

Same Patch Batch · Microsoft Corporation · 2017-12-12 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-11894

Leave a comment