KLA11200
Multiple vulnerabilities in Microsoft Developer Tools
Обновлено: 18/06/2020
Дата обнаружения
13/02/2018
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in ChakraCore. Malicious users can exploit this vulnerability to execute arbitrary code.

Пораженные продукты

ChakraCore
Internet Explorer 10
Internet Explorer 11
Microsoft Edge (EdgeHTML-based)

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0860
CVE-2018-0858
CVE-2018-0859
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Internet Explorer
Microsoft Edge
ChakraCore
CVE-IDS
CVE-2018-08340.0Unknown
CVE-2018-08350.0Unknown
CVE-2018-08360.0Unknown
CVE-2018-08370.0Unknown
CVE-2018-08380.0Unknown
CVE-2018-08400.0Unknown
CVE-2018-08560.0Unknown
CVE-2018-08570.0Unknown
CVE-2018-08590.0Unknown
CVE-2018-08600.0Unknown
CVE-2018-08580.0Unknown
Microsoft official advisories
Microsoft Security Update Guide
Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/44078

https://www.exploit-db.com/exploits/44079

https://www.exploit-db.com/exploits/44081

https://www.exploit-db.com/exploits/44080

https://www.exploit-db.com/exploits/44077

https://www.exploit-db.com/exploits/44076