Описание
ChakraCore information disclosure vulnerability
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-8452
- https://github.com/chakra-core/ChakraCore/commit/3f3544801cc01e9f54cab84b20602a3b5e29c3ef
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452
- https://web.archive.org/web/20210124203129/http://www.securityfocus.com/bid/105252
- https://web.archive.org/web/20221128100304/http://www.securitytracker.com/id/1041623
Пакеты
Microsoft.ChakraCore
< 1.11.1
1.11.1
Связанные уязвимости
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
Уязвимость обработчика JavaScript-сценариев ChakraCore браузеров Internet Explorer и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию