Описание
Microsoft Edge Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited this vulnerability could trick a user into allowing access to the user’s My Documents folder.
For an attack to be successful, an attacker must persuade a user to open a malicious website.
The update addresses the vulnerability by changing how Microsoft Edge handles objects in memory.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for 32-bit Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for x64-based Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows Server 2016 | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
Уязвимость операционной системы Windows, позволяющая нарушителю выполнить произвольный код
EPSS
4.3 Medium
CVSS3