Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka âScripting Engine Memory Corruption Vulnerabilityâ. This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.
github.com/chakra-core/ChakraCore
github.com/chakra-core/ChakraCore/commit/9dac38fa6a6273f4cd57234d3caf4c7033e527bc
nvd.nist.gov/vuln/detail/CVE-2018-0860
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0860
web.archive.org/web/20210124135855/www.securityfocus.com/bid/102883
web.archive.org/web/20210922050621/www.securitytracker.com/id/1040372
www.exploit-db.com/exploits/44076