Description
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft Corporation | Chakra Core | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Github GHSA |
GHSA-448h-7hmp-99fg | ChakraCore RCE Vulnerability |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2024-08-05T12:55:19.285Z
Reserved: 2016-09-09T00:00:00.000Z
Link: CVE-2017-0223
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-05-15T17:29:00.170
Modified: 2026-05-13T00:24:29.033
Link: CVE-2017-0223
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer