Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:8124
HistoryJan 09, 2019 - 2:32 a.m.

Remote Code Execution (RCE)

2019-01-0902:32:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

JSON

Microsoft.ChakraCore is vulnerable to remote code execution. This is due to a type confusion via NewScObjectNoCtor or InitProto which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2019-0567, CVE-2019-0568.

Related

prion 3
osv 3
cve 3
github 3
veracode 2
zdt 4
kaspersky 1
threatpost 1
githubexploit 1
mscve 3
symantec 3
packetstorm 3
exploitpack 1
checkpoint_advisories 3
myhack58 1
exploitdb 1
mskb 6
openvas 6
nessus 4
talosblog 1
prion
prion
Remote code execution
2019-01-08 21:29:00
Remote code execution
2019-01-08 21:29:00
Remote code execution
2019-01-08 21:29:00
osv
osv
ChakraCore RCE Vulnerability
2022-05-13 01:21:17
ChakraCore RCE Vulnerability
2022-05-13 01:21:15
ChakraCore RCE Vulnerability
2022-05-13 01:21:17
cve
cve
CVE-2019-0539
2019-01-08 21:29:00
CVE-2019-0567
2019-01-08 21:29:00
CVE-2019-0568
2019-01-08 21:29:00
github
github
ChakraCore RCE Vulnerability
2022-05-13 01:21:15
ChakraCore RCE Vulnerability
2022-05-13 01:21:17
ChakraCore RCE Vulnerability
2022-05-13 01:21:17
veracode
veracode
Remote Code Execution (RCE)
2019-01-09 03:01:06
Remote Code Execution (RCE)
2019-01-09 03:10:51
zdt
zdt
Microsoft Edge Chakra - NewScObjectNoCtor or InitProto Type Confusion Exploit
2019-01-20 00:00:00
Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion
2019-03-04 00:00:00
Microsoft Edge Chakra - InitClass Type Confusion Exploit
2019-01-20 00:00:00
kaspersky
kaspersky
KLA11397 Multiple vulnerabilities in Microsoft Browsers
2019-01-08 00:00:00
threatpost
threatpost
Microsoft Issues Multiple Critical Patches for Edge Browser
2019-01-08 20:49:06
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2019-07-12 13:06:17
mscve
mscve
Chakra Scripting Engine Memory Corruption Vulnerability
2019-01-08 08:00:00
Chakra Scripting Engine Memory Corruption Vulnerability
2019-01-08 08:00:00
Chakra Scripting Engine Memory Corruption Vulnerability
2019-01-08 08:00:00
symantec
symantec
Microsoft Chakra Scripting Engine CVE-2019-0539 Remote Memory Corruption Vulnerability
2019-01-08 00:00:00
Microsoft Edge Chakra Scripting Engine CVE-2019-0568 Remote Memory Corruption Vulnerability
2019-01-08 00:00:00
Microsoft Edge Chakra Scripting Engine CVE-2019-0567 Remote Memory Corruption Vulnerability
2019-01-08 00:00:00
packetstorm
packetstorm
Microsoft Edge Chakra 1.11.4 Type Confusion
2019-03-04 00:00:00
Microsoft Edge Chakra JIT Use-After-Free / Flag Issue
2019-01-17 00:00:00
Microsoft Edge Chakra JIT NewScObjectNoCtor / InitProto Type Confusion
2019-01-17 00:00:00
exploitpack
exploitpack
Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion
2019-03-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0568)
2019-01-08 00:00:00
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0539)
2019-01-08 00:00:00
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0567)
2019-01-08 00:00:00
myhack58
myhack58
Chakra vulnerability debugging notes 1--ImplicitCall-vulnerability warning-the black bar safety net
2019-06-19 00:00:00
exploitdb
exploitdb
Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion
2019-03-04 00:00:00
mskb
mskb
January 8, 2019—KB4480116 (OS Build 17763.253)
2019-01-08 08:00:00
January 8, 2019—KB4480966 (OS Build 17134.523)
2019-01-08 08:00:00
January 8, 2019—KB4480962 (OS Build 10240.18094)
2019-01-08 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4480966)
2019-01-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4480116)
2019-01-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4480962)
2019-01-09 00:00:00
nessus
nessus
KB4480116: Windows 10 Version 1809 and Windows Server 2019 January 2019 Security Update
2019-01-08 00:00:00
KB4480962: Windows 10 January 2019 Security Update
2019-01-08 00:00:00
KB4480961: Windows 10 Version 1607 and Windows Server 2016 January 2019 Security Update
2019-01-08 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
2019-01-08 11:40:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:8124
prion3osv3cve3github3veracode2zdt4kaspersky1threatpost1githubexploit1mscve3symantec3packetstorm3exploitpack1checkpoint_advisories3myhack581exploitdb1mskb6openvas6nessus4talosblog1