Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:7963
HistoryDec 05, 2018 - 1:59 a.m.

Remote Code Execution (RCE)

2018-12-0501:59:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.923 High

EPSS

Percentile

99.0%

JSON

Microsoft ChakraCore is vulnerable to remote code execution. This is due to an incorrect assumption in JIT about array nativeness which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151.

Related

veracode 14
prion 18
cvelist 18
nvd 18
cve 18
nessus 1
kaspersky 2
openvas 1
mskb 8
symantec 18
mscve 18
zdi 4
checkpoint_advisories 12
zdt 2
packetstorm 1
seebug 1
rapid7community 1
veracode
veracode
Remote Code Execution (RCE)
2018-12-05 02:39:58
Remote Code Execution (RCE)
2018-12-05 02:13:54
Remote Code Execution (RCE)
2018-12-05 02:07:53
prion
prion
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
cvelist
cvelist
CVE-2017-0131
2017-03-17 00:00:00
CVE-2017-0132
2017-03-17 00:00:00
CVE-2017-0138
2017-03-17 00:00:00
nvd
nvd
CVE-2017-0151
2017-03-17 00:59:04
CVE-2017-0070
2017-03-17 00:59:01
CVE-2017-0136
2017-03-17 00:59:03
cve
cve
CVE-2017-0137
2017-03-17 00:59:03
CVE-2017-0070
2017-03-17 00:59:01
CVE-2017-0071
2017-03-17 00:59:01
nessus
nessus
MS17-007: Cumulative Security Update for Microsoft Edge (4013071)
2017-03-14 00:00:00
kaspersky
kaspersky
KLA10968 Multiple vulnerabilities in Microsoft Edge
2017-03-14 00:00:00
KLA10967 Multiple vulnerabilities in Microsoft Browser
2017-03-14 00:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (4013071)
2017-03-15 00:00:00
mskb
mskb
MS17-007: Cumulative security update for Microsoft Edge: March 14, 2017
2017-03-14 00:00:00
March 14, 2017—KB4013198 (OS Build 10586.839)
2017-03-14 07:00:00
March 14, 2017—KB4013429 (OS Build 14393.953)
2017-03-14 07:00:00
symantec
symantec
Microsoft Edge CVE-2017-0134 Scripting Engine Remote Memory Corruption Vulnerability
2017-03-14 00:00:00
Microsoft Edge CVE-2017-0035 Scripting Engine Remote Memory Corruption Vulnerability
2017-03-14 00:00:00
Microsoft Edge CVE-2017-0032 Scripting Engine Remote Memory Corruption Vulnerability
2017-03-14 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2017-03-14 07:00:00
Scripting Engine Memory Corruption Vulnerability
2017-03-14 07:00:00
Scripting Engine Memory Corruption Vulnerability
2017-03-14 07:00:00
zdi
zdi
Microsoft Windows JavaScript Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-03-21 00:00:00
Microsoft Windows JavaScript Spread Operator Uninitialized Memory Information Disclosure Vulnerability
2017-03-21 00:00:00
Microsoft Edge JavaScript Parsing Uninitialized Pointer Remote Code Execution Vulnerability
2017-03-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Scripting Engine Memory Corruption (MS17-007: CVE-2017-0141)
2017-03-14 00:00:00
Microsoft Scripting Engine Memory Corruption (MS17-007: CVE-2017-0070)
2017-03-14 00:00:00
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-0134)
2018-02-05 00:00:00
zdt
zdt
Microsoft Edge 38.14393.0.0 - JavaScript Engine Use-After-Free Exploit
2017-03-16 00:00:00
Microsoft Edge Charkra Incorrect Jit Optimization Exploit
2017-03-19 00:00:00
packetstorm
packetstorm
Microsoft Edge Charkra Incorrect Jit Optimization
2017-03-16 00:00:00
seebug
seebug
Microsoft Edge 38.14393.0.0 - JavaScript Engine Use-After-Free (CVE-2017-0070)
2017-03-20 00:00:00
rapid7community
rapid7community
Patch Tuesday - August 2017
2017-08-08 20:03:46

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.923 High

EPSS

Percentile

99.0%

JSON
Related for VERACODE:7963
veracode14prion18cvelist18nvd18cve18nessus1kaspersky2openvas1mskb8symantec18mscve18zdi4checkpoint_advisories12zdt2packetstorm1seebug1rapid7community1