microsoft.chakracore is vulnerable to remote code execution. This happens when the NewTarget
flag is passed on proxy function call trap. This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, and CVE-2017-11812.This vulnerability also affects ChakraCore and Microsoft Edge in Microsoft Windows 10 1703.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.7.2 | |
microsoft.chakracore.vc140 | le | 1.7.2 |