CVE-2020-1172

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore (affected versions not specified)

Description: A remote code execution issue exists in the way the ChakraCore scripting engine handles objects in memory. This could allow an attacker to corrupt memory and execute arbitrary code in the context of the current user. If the current user has administrative rights, an attacker could take control of the affected system, install programs, view or modify data, or create new accounts with full user rights. The issue is related to writing data outside the bounds of a buffer in memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.