CVE-2017-0037

Опубликовано: 26 фев. 2017

Источник: nvd

CVSS3: 8.1

CVSS2: 7.6

EPSS Критический

Описание

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

Ссылки

http://www.securityfocus.com/bid/96088
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037905
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037906
Broken Link
Third Party Advisory
VDB Entry
https://0patch.blogspot.si/2017/03/0patching-another-0-day-internet.html
Exploit
Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1011
Exploit
Issue Tracking
Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0037
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/41454/
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/42354/
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43125/
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/96088
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037905
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037906
Broken Link
Third Party Advisory
VDB Entry
https://0patch.blogspot.si/2017/03/0patching-another-0-day-internet.html
Exploit
Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1011
Exploit
Issue Tracking
Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0037
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/41454/
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/42354/
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43125/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.9007

Критический

8.1 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-843

Связанные уязвимости

CVE-2017-0037

CVSS3: 6.4

msrc

больше 8 лет назад

Microsoft Browser Memory Corruption Vulnerability

GHSA-xpg5-jv85-754h