Kaspersky Threats

KLA11108
Multiple ACE vulnerabilities in ChakraCore

Updated: 09/10/2018

CVSS ?	7.6
Detect date ?	10/10/2017
Severity ?	Critical
Description	Multiple memory handling vulnerabilities have been found in ChakraCore. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Affected products	ChakraCore
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	Commit Commit CVE-2017-11797 CVE-2017-11801 CVE-2017-11812 CVE-2017-11809 CVE-2017-11807 CVE-2017-11796 CVE-2017-11792 CVE-2017-11806 CVE-2017-11811 CVE-2017-11802 CVE-2017-11804 CVE-2017-11808 CVE-2017-11805 CVE-2017-11799
Impacts ?	ACE [?]
Related products	ChakraCore
CVE-IDS ?	CVE-2017-11797 CVE-2017-11801 CVE-2017-11811 CVE-2017-11812 CVE-2017-11792 CVE-2017-11796 CVE-2017-11805 CVE-2017-11808 CVE-2017-11804 CVE-2017-11809 CVE-2017-11799 CVE-2017-11806 CVE-2017-11802 CVE-2017-11807 CVE-2017-11821
Microsoft official advisories	Microsoft Security Update Guide