Lucene search
Veracode Vulnerability DatabaseVERACODE:6944HistoryJul 05, 2018 - 3:47 a.m.
Remote Code Execution (RCE)
2018-07-0503:47:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.947 High
EPSS
Percentile
99.3%
microsoft.chakracore is vulnerable to remote code execution. This happens because it performs an invalid stack restore in Parse.h when destructuring is used. This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. This vulnerability also affects Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft.chakracore | le | 1.7.4 | |
| microsoft.chakracore.vc140 | le | 1.7.4 |
Related
veracode
veracode
Remote Code Execution (RCE) Via Memory Corruption
2018-07-04 07:53:08
Privilege Escalation
2018-07-04 08:36:54
Remote Code Execution (RCE)
2018-07-05 04:04:27
cvelist
cvelist
prion
prion
Memory corruption
2017-12-12 21:29:00
Memory corruption
2017-12-12 21:29:00
Memory corruption
2017-12-12 21:29:00
osv
osv
ChakraCore vulnerable to remote code execution
2022-05-14 01:06:50
CVE-2017-11889
2017-12-12 21:29:01
CVE-2017-11895
2017-12-12 21:29:01
nvd
nvd
cve
cve
github
github
ChakraCore RCE Vulnerability
2022-05-17 00:11:39
ChakraCore RCE Vulnerability
2022-05-14 04:03:59
ChakraCore vulnerable to remote code execution
2022-05-14 01:06:51
kaspersky
kaspersky
KLA11158 Multiple vunlerabilities in Microsoft Browsers
2017-12-12 00:00:00
KLA10918 Multiple vulnerabilities in Microsoft Products (ESU)
2017-12-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4054517)
2017-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4053579)
2017-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4053578)
2017-12-13 00:00:00
mskb
mskb
December 12, 2017—KB4053578 (OS Build 10586.1295)
2017-12-12 08:00:00
December 12, 2017—KB4053579 (OS Build 14393.1944)
2017-12-12 08:00:00
December 12, 2017—KB4053580 (OS Build 15063.786)
2017-12-12 08:00:00
nessus
nessus
KB4053580: Windows 10 Version 1703 December 2017 Security Update
2017-12-12 00:00:00
trendmicroblog
trendmicroblog
talosblog
talosblog
Microsoft Patch Tuesday - December 2017
2017-12-12 15:32:00
cert
cert
threatpost
threatpost
Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10
2017-12-19 11:00:13
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-12-12 08:00:00
Scripting Engine Memory Corruption Vulnerability
2017-12-12 08:00:00
Scripting Engine Memory Corruption Vulnerability
2017-12-12 08:00:00
symantec
symantec
zdt
zdt
Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit
2018-01-09 00:00:00
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined Jav
2018-01-09 00:00:00
Microsoft Windows jscript!NameTbl::GetValDef Use-After-Free Exploit
2017-12-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11893)
2017-12-12 00:00:00
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11889)
2017-12-12 00:00:00
zdi
zdi
seebug
seebug
packetstorm
packetstorm
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow
2017-12-18 00:00:00
Microsoft Windows Array.sort jscript.dll Heap Overflow
2017-12-19 00:00:00
Microsoft Edge Chakra JIT Escape Analysis Bug
2018-01-10 00:00:00