CVE-2017-0223
Description
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka Scripting Engine Memory Corruption Vulnerability. This vulnerability is unique from CVE-2017-0252.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
36.015
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Browser Spoofing Vulnerability for Windows 10 Version 1703 for x64-based Systems - WannaCrypt Ransomware Fix(KB4016871) - Cumulative | Windows |
| Microsoft Browser Spoofing Vulnerability for Windows 10 Version 1703 for x86-based Systems - WannaCrypt Ransomware Fix(KB4016871) - Cumulative | Windows |
| Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore 1.4.4 | Windows |
| Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore for Linux 1.4.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234