CVE-2017-0208

Опубликовано: 12 апр. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Средний

Описание

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Ссылки

http://www.securityfocus.com/bid/97460
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038234
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0208
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97460
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038234
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0208
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13842

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-0208

CVSS3: 4.3

msrc

около 8 лет назад

Scripting Engine Information Disclosure Vulnerability

GHSA-pjpr-2qqp-gprf

CVSS3: 4.3

github

около 3 лет назад

ChakraCore information disclosure vulnerability

BDU:2017-01022

fstec

около 8 лет назад

Уязвимость браузера Microsoft Edge, позволяющая нарушителю получить доступ к конфиденциальной информации

EPSS

Процентиль: 94%

0.13842

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200