KLA11200
Multiple ACE vulnerabilities in ChakraCore
Updated: 12/04/2018
CVSS
?
9.3
Detect date
?
02/13/2018
Severity
?
High
Description

Multiple memory corruption vulnerabilities was found in ChakraCore. By exploiting these vulnerabilities malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted website.

Affected products

ChakraCore

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0859
CVE-2018-0860
CVE-2018-0858

Impacts
?
ACE 
[?]

OSI 
[?]

SB 
[?]
Related products
ChakraCore
CVE-IDS
?

CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0859
CVE-2018-0860
CVE-2018-0858

Microsoft official advisories
Microsoft Security Update Guide