Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:6966
HistoryJul 06, 2018 - 5:04 a.m.

Remote Code Execution (RCE)

2018-07-0605:04:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

0.946 High

EPSS

Percentile

99.3%

microsoft.chakracore is vulnerable to remote code execution. This happens because it skips the nullptr check for funcInfo->GetParsedFunctionBody()->GetByteCode(), causing memory corruption.This CVE ID is different from CVE-2017-11792, CVE-2017-11793, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. This also affects Microsoft Edge in Windows 10 1703.