Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-fjsw-u1j1-hfh2
Vulnerability ID VCID-fjsw-u1j1-hfh2
Aliases CVE-2017-11919
Summary Exposure of Sensitive Information to an Unauthorized Actor ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server R2 SP1, Windows and Windows RT, Windows Server R2, and Windows Gold, Windows Server, and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
There are no known severity scores.
Reference id Reference type URL
http://www.securityfocus.com/bid/102093
http://www.securitytracker.com/id/1039993
CVE-2017-11919 https://nvd.nist.gov/vuln/detail/CVE-2017-11919
CVE-2017-11919 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11919
No exploits are available.
There are no known vectors.

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:37:22.698512+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11919.yml 38.6.0