CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-8500

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile26.23th
Published2018年10月10日
Last Modified2024年11月21日

Vulnerability Description

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

Affected Platforms (CPE)

📦
Microsoft

Chakracore

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/105463
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500
🔗 http://www.securityfocus.com/bid/105463
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500

関連する脆弱性情報

CVE-2017-117679.8

ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engin...

CVE-2020-10738.1

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip...

CVE-2019-05687.5

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Ed...

CVE-2019-06397.5

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scrip...