Lucene search
Veracode Vulnerability DatabaseVERACODE:6957HistoryJul 06, 2018 - 2:39 a.m.
Remote Code Execution (RCE)
2018-07-0602:39:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.946 High
EPSS
Percentile
99.3%
microsoft.chakracore is vulnerable to remote code execution. This happens due to the type confustion in FrameDisplay items that can lead to an Out-Of-Bound Read . This CVE ID is different from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.This vulnerability also affects Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft.chakracore | le | 1.7.2 | |
| microsoft.chakracore.vc140 | le | 1.7.2 |
Related
prion
prion
Information disclosure
2017-10-13 13:29:00
Memory corruption
2017-10-13 13:29:00
Memory corruption
2017-10-13 13:29:00
osv
osv
ChakraCore RCE Vulnerability
2022-05-17 00:32:03
CVE-2017-11808
2017-10-13 13:29:01
ChakraCore RCE Vulnerability
2022-05-17 00:32:27
veracode
veracode
Remote Code Execution (RCE)
2018-07-06 04:31:24
Remote Code Execution (RCE)
2018-07-06 01:13:45
Remote Code Execution (RCE)
2018-11-16 02:36:58
nvd
nvd
cve
cve
github
github
ChakraCore RCE Vulnerability
2022-05-17 00:32:12
ChakraCore RCE Vulnerability
2022-05-17 00:32:03
ChakraCore RCE Vulnerability
2022-05-17 00:32:03
cvelist
cvelist
kaspersky
kaspersky
KLA11112 Multiple vulnerabilities in Microsoft Browsers
2017-10-10 00:00:00
nessus
nessus
KB4041676: Windows 10 Version 1703 October 2017 Cumulative Update (KRACK)
2017-10-10 00:00:00
Security Updates for Internet Explorer (October 2017)
2017-11-30 00:00:00
mskb
mskb
October 10, 2017—KB4041676 (OS Build 15063.674)
2017-10-16 07:00:00
October 10, 2017—KB4041691 (OS Build 14393.1770)
2017-10-16 07:00:00
Cumulative security update for Internet Explorer: October 10, 2017
2017-10-10 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4041676)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041689)
2017-10-11 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)
2017-10-11 00:00:00
trendmicroblog
trendmicroblog
talosblog
talosblog
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00
zdi
zdi
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-10-10 07:00:00
Scripting Engine Memory Corruption Vulnerability
2017-10-10 07:00:00
Scripting Engine Memory Corruption Vulnerability
2017-10-10 07:00:00
symantec
symantec
packetstorm
packetstorm
Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns
2017-10-14 00:00:00
Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call
2017-10-14 00:00:00
Microsoft Edge Chakra JIT Type Confusion
2017-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11798)
2017-10-10 00:00:00
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11802)
2017-10-16 00:00:00
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11800)
2017-10-10 00:00:00
zdt
zdt
Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns Exploit
2017-10-15 00:00:00
Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call Exploit
2017-10-15 00:00:00
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
2017-11-16 00:00:00
seebug
seebug
threatpost
threatpost
Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10
2017-12-19 11:00:13
cert
cert