6 matches found
Remote Code Execution (RCE)
chakracore is vulnerable to remote code execution RCE. The vulnerability exists in lib/Backend/GlobOpt.cpp where there was a memory issue in using src2 as the induction sym. This CVE ID is different from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366...
Remote Code Execution (RCE)
chakracore is vulnerable to remote code execution RCE. The vulnerability exists in lib/Backend/GlobOpt.cpp, if valueType was not a tagged value. This CVE ID is different from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution RCE. The vulnerability exists through a JIT type confusion in lib/Backend/GlobOpt.cpp...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due a type confusion bug in GlobOpt.cpp when the function ValueNumberDst returns. This could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, potentially taking over...
Remote Code Execution (RCE)
Microsoft.ChakraCore is vulnerable to remote code execution. This is due to a type confusion bug in GlobOpt.cpp which would allow an attacker to execute arbitrary code in the context of the authenticated user...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution RCE. The vulnerability exists due to an Array buffer Use-after-free UAF bug in GlobOpt.cpp, which allows a remote attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2018-087...