CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11767

ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.172

EPSS Ranking 94.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://www.securityfocus.com/bid/100838
http://www.securitytracker.com/id/1039369
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11767
http://www.securityfocus.com/bid/100838
http://www.securitytracker.com/id/1039369
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11767

Products affected by CVE-2017-11767

Microsoft » Chakracore » Version: N/A

cpe:2.3:a:microsoft:chakracore:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11767

Products

Pricing

Contact Us