KLA11200
Multiple ACE vulnerabilities in ChakraCore
Обновлено: 04/12/2018
CVSS
9.3
Дата обнаружения
13/02/2018
Уровень угрозы
High
Описание

Multiple memory corruption vulnerabilities was found in ChakraCore. By exploiting these vulnerabilities malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted website.

Пораженные продукты

ChakraCore

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0859
CVE-2018-0860
CVE-2018-0858
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]
Связанные продукты
ChakraCore
CVE-IDS

CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0859
CVE-2018-0860
CVE-2018-0858

Microsoft official advisories
Microsoft Security Update Guide