Vulnerability description

Vulnerability Number: None 
Affected Versions: Chakra <= 1.10.0

This vulnerability was discovered in November last year and was fixed in Microsoft's release this July. The root cause is that the interpreter does not correctly handle execution of the OP_NewScObjArray opcode: the OP_NewScObjArray_Impl function performs a cast between structures, which causes type confusion. Successful exploitation of the vulnerability can lead to remote code execution.

Microsoft Edge Chakra OP_NewScObjArray Type Confusion Remote Code Execution Vulnerability Analysis and Exploitation