exploitDog

CVE-2017-0196

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Средний

Описание

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

Ссылки

https://github.com/Microsoft/ChakraCore/commit/065b7978c40ded35c356ced6cd922a40156c9c46
Issue Tracking
Patch
Third Party Advisory
https://github.com/Microsoft/ChakraCore/commit/065b7978c40ded35c356ced6cd922a40156c9c46
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19086

Средний

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-fgx5-v6wq-3828

CVSS3: 6.5

github

больше 3 лет назад

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

EPSS

Процентиль: 95%

0.19086

Средний

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200