CVE-2017-8644

Опубликовано: 08 авг. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Средний

Описание

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8652 and CVE-2017-8662.

Ссылки

http://www.securityfocus.com/bid/100044
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039101
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8644
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/42459/
http://www.securityfocus.com/bid/100044
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039101
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8644
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/42459/

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.41117

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-8644

CVSS3: 4.3

msrc

около 8 лет назад

Microsoft Edge based on Edge HTML Information Disclosure Vulnerability

GHSA-76jp-9697-7322

CVSS3: 4.3

github

больше 3 лет назад

EPSS

Процентиль: 97%

0.41117

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200