CVE-2017-11767
Description
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka Scripting Engine Memory Corruption Vulnerability.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
17.164
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-11767 are fixed in Nuget - Microsoft.ChakraCore 1.6.2 | Windows |
| Vulnerabilities CVE-2017-11767 are fixed in Nuget - Microsoft.ChakraCore for Linux 1.6.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234