GHSA-9f2p-wm46-6m5f

Source

https://github.com/advisories/GHSA-9f2p-wm46-6m5f

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9f2p-wm46-6m5f/GHSA-9f2p-wm46-6m5f.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-9f2p-wm46-6m5f

Aliases

CVE-2017-11870

Published

2022-05-17T00:19:55Z

Modified

2024-02-19T05:31:45.750235Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objects

Details

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory. This could be exploited using write-AV when writing to a slot of a JavaScript null scope object.

This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873.

Database specific

{
    "nvd_published_at": "2017-11-15T03:29:00Z",
    "cwe_ids": [
        "CWE-119"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-27T19:33:38Z"
}

References

Affected packages

NuGet / Microsoft.ChakraCore

Package

Name: Microsoft.ChakraCore; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.ChakraCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.4

Affected versions

1.*

1.2.0

1.2.1

1.2.2

1.2.3

1.2.6.62716-preview

1.3.0

1.3.1

1.3.2

1.4.0

1.4.1

1.4.2

1.4.3

1.4.4

1.4.5

1.5.0

1.5.1

1.5.2

1.5.3

1.6.0

1.6.2

1.7.0

1.7.1

1.7.2

1.7.3