CVE-2017-11767

EUVD-2022-3526
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Affected Products (NVD)
VendorProductVersion
microsoftchakracore
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100838
http://www.securitytracker.com/id/1039369
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11767
http://www.securityfocus.com/bid/100838
http://www.securitytracker.com/id/1039369
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11767