microsoft.chakracore is vulnerable to remote code execution. This is due to the way the scripting engine renders content when handling objects in memory, which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-8499, CVE-2017-8520, CVE-2017-8521, and CVE-2017-8549.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.5.1 | |
microsoft.chakracore.vc140 | le | 1.5.1 |