Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:7953
HistoryDec 04, 2018 - 2:43 p.m.

Remote Code Execution (RCE)

2018-12-0414:43:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

JSON

Microsoft ChakraCore is vulnerable to remote code execution. This is due to a type confusion bug in the asm.js arguments which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0201.

Related

prion 2
cve 2
openvas 5
checkpoint_advisories 2
symantec 2
mscve 2
kaspersky 2
qualysblog 1
threatpost 1
nessus 4
mskb 5
prion
prion
Remote code execution
2017-04-12 14:59:00
Remote code execution
2017-04-12 14:59:00
cve
cve
CVE-2017-0093
2017-04-12 14:59:00
CVE-2017-0201
2017-04-12 14:59:00
openvas
openvas
Microsoft Internet Explorer Remote Code Execution Vulnerability (KB4014661)
2017-03-15 00:00:00
Microsoft Windows Monthly Rollup (KB4015551)
2017-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4015583)
2017-04-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge asm.js Type Confusion (CVE-2017-0093)
2017-05-01 00:00:00
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0201)
2017-10-09 00:00:00
symantec
symantec
Microsoft Edge CVE-2017-0093 Scripting Engine Remote Memory Corruption Vulnerability
2017-04-11 00:00:00
Microsoft Internet Explorer CVE-2017-0201 Scripting Engine Remote Memory Corruption Vulnerability
2017-04-11 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-04-11 07:00:00
Scripting Engine Memory Corruption Vulnerability
2017-04-11 07:00:00
kaspersky
kaspersky
KLA11058 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
2017-04-11 00:00:00
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
2017-04-11 00:00:00
qualysblog
qualysblog
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide – says goodbye to Security Bulletins
2017-04-11 18:24:03
threatpost
threatpost
Microsoft Patches Three Vulnerabilities Under Attack
2017-04-11 18:19:52
nessus
nessus
Security Updates for Internet Explorer (April 2017)
2017-11-30 00:00:00
Windows Server 2012 April 2017 Security Updates (Petya)
2017-04-11 00:00:00
KB4015583: Windows 10 Version 1703 April 2017 Cumulative Update
2017-04-11 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 11, 2017
2017-04-11 07:00:00
April 11, 2017—KB4015551 (Monthly Rollup)
2017-04-11 07:00:00
April 11, 2017—KB4015583 (OS Build 15063.138)
2017-04-11 07:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:7953
prion2cve2openvas5checkpoint_advisories2symantec2mscve2kaspersky2qualysblog1threatpost1nessus4mskb5