CVE-2017-0018

Опубликовано: 17 мар. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 7.6

EPSS Средний

Описание

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149.

Ссылки

http://www.securityfocus.com/bid/96086
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0018
Patch
Vendor Advisory
http://www.securityfocus.com/bid/96086
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0018
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.20815

Средний

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-0018

CVSS3: 6.4

msrc

больше 8 лет назад

Microsoft Browser Memory Corruption Vulnerability

GHSA-8xx2-2w6g-2ff2