Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7916
HistoryDec 03, 2018 - 4:14 a.m.

Remote Code Execution (RCE)

2018-12-0304:14:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10

EPSS

0.951

Percentile

99.3%

Microsoft ChakraCore is vulnerable to remote code execution (RCE). The vulnerability exists due to an Array buffer Use-after-free (UAF) bug in GlobOpt.cpp, which allows a remote attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.