CVE-2017-8597

Опубликовано: 13 сент. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Средний

Описание

Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8643 and CVE-2017-8648.

Ссылки

http://www.securityfocus.com/bid/100745
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039326
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100745
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039326
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.12825

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-8597

CVSS3: 4.3

msrc

почти 8 лет назад

Microsoft Edge based on Edge HTML Information Disclosure Vulnerability

GHSA-5ppg-f9j6-6f59

CVSS3: 4.3

github

больше 3 лет назад

EPSS

Процентиль: 94%

0.12825

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200