High severityNVD Advisory· Published Feb 11, 2020· Updated Aug 4, 2024
CVE-2020-0767
CVE-2020-0767
Description
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.11.16 | 1.11.16 |
Affected products
23- Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systemsv5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows Server 2016v5Range: unspecified
- Microsoft/Microsoft Edge (EdgeHTML-based) on Windows Server 2019v5Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-fhc8-h6hr-h9mqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-0767ghsaADVISORY
- github.com/chakra-core/ChakraCore/pull/6375ghsaWEB
- github.com/chakra-core/ChakraCore/pull/6375/commits/161c8957913ffb48bddef4423998b2eb642f35b3ghsaWEB
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.