ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka âScripting Engine Memory Corruption Vulnerabilityâ. This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
github.com/chakra-core/ChakraCore
github.com/chakra-core/ChakraCore/commit/972009a89e51c69971b80b1f5394886b304f880a
nvd.nist.gov/vuln/detail/CVE-2018-0858
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0858
web.archive.org/web/20210124135655/www.securityfocus.com/bid/102865
web.archive.org/web/20211208072939/www.securitytracker.com/id/1040372