ChakraCore RCE Vulnerability

GHSA-448h-7hmp-99fg · CVE-2017-0223

Published May 17, 2022 · Modified Feb 16, 2024

Description

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-0223
WEB https://github.com/Microsoft/ChakraCore/pull/2959
WEB https://github.com/chakra-core/ChakraCore/pull/2959
WEB https://github.com/chakra-core/ChakraCore/commit/f74773f4520adff6b70a7d445417aa9769f61fa6
PACKAGE https://github.com/chakra-core/ChakraCore
WEB https://web.archive.org/web/20210124184849/http://www.securitytracker.com/id/1038425

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes