VYPR
High severity7.5NVD Advisory· Published Dec 12, 2017· Updated Jun 17, 2026

CVE-2017-11930

CVE-2017-11930

Description

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, and CVE-2017-11916.

Affected products

6
  • cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*range: <1.7.5
    • (no CPE)
  • cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
    • (no CPE)
  • Range: 7 SP1, 8.1, RT 8.1, Server 2008 R2 SP1, Server 2012 R2, 10 Gold, 1511, 1607, 1703, 1709, Server 2016
  • Microsoft Corporation/ChakraCore, Internet Explorerv5
    Range: Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016.

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.