Microsoft ChakraCore is vulnerable to remote code execution. This is due to a type confusion in boundfunction
handling which could lead to memory corruption and allow an attacker in memory to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.8.3 | |
microsoft.chakracore.vc140 | le | 1.8.3 |