Vulnerabilities > CVE-2020-0812 - Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

microsoft

CWE-787

NVD

Published: 2020-03-12

Updated: 2021-07-21

Summary

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Chakracore - Microsoft Edge -	2
OS	Microsoft Microsoft Windows 10 1809 Microsoft Windows 10 1903 Microsoft Windows 10 1909 Microsoft Windows Server 2019 -	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0812