GHSA-GHWQ-7V3R-5433 ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223...

Out-of-Bounds

Overview Microsoft.ChakraCore.vc140 is a core part of the Chakra JavaScript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds which can lead to remote code execution. This issue derives from the way JavaScript engines render when handling objects ...

Information Exposure

Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Information Exposure when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the...

Out-of-Bounds

Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds when visiting a crafted website. An attacker can execute arbitrary code via the Chakra JavaScript engine in Microsoft Edge...

Out-of-Bounds

Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine. An attacker can execute arbitrary code or cause a denial of service memory corruption by...

Arbitrary Code Execution

Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Arbitrary Code Execution or cause denial of service via a crafted web site. Remediation Upgrade Microsoft.ChakraCore to version 1.2.2 or...

Microsoft Chakra Remote Code Execution Vulnerability

Microsoft Chakra is a JavaScript engine component used by Microsoft's Edge web browser.Chakra Core is an open source version of Chakra. A remote code execution vulnerability exists in Microsoft Chakra Core. A remote attacker could exploit this vulnerability to cause memory corruption...

CVE-2017-0223

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252...

CVE-2017-0223

CVE-2017-0223 refers to a ChakraCore remote code execution vulnerability in Microsoft’s Chakra Core rendering engine used by Edge. The root cause is memory corruption in the engine when handling in-memory objects, enabling remote code execution via crafted content. Connected advisories (GHSA and ...