CVE-2016-0024: Improper Restriction of Operations within the Bounds of a Memory Buffer

May 14, 2022 (updated July 31, 2023)

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka “Scripting Engine Memory Corruption Vulnerability.”

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-002
github.com/advisories/GHSA-g77f-7wm9-rh6p
nvd.nist.gov/vuln/detail/CVE-2016-0024
web.archive.org/web/20210508011246/http://www.securityfocus.com/bid/79891
web.archive.org/web/20211024030653/http://www.securitytracker.com/id/1034649

Code Behaviors & Features

Detect and mitigate CVE-2016-0024 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →