Microsoft.ChakraCore is vulnerable to remote code execution. This is due to the failure to properly set AddImplicitCallFlags
, corrupting memory in such a way that an attacker could execute arbitrary code in the context of the current user.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.11.9 | |
microsoft.chakracore.vc140 | le | 1.11.9 |