CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0858

ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.302

EPSS Ranking 96.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/102865
http://www.securitytracker.com/id/1040372
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0858
http://www.securityfocus.com/bid/102865
http://www.securitytracker.com/id/1040372
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0858

Products affected by CVE-2018-0858

Microsoft » Chakracore » Version: N/A

cpe:2.3:a:microsoft:chakracore:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0858

Products

Pricing

Contact Us