QwikSec

Security Database

CVE

CWE

Training

CVE-2018-0818

Published: Jan 10, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".

Vendor	Product	Versions
Microsoft Corporation	ChakraCore	affected `ChakraCore`

References

vdb-entry

x_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0818

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.