CVE-2017-8652

Опубликовано: 08 авг. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Средний

Описание

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662.

Ссылки

http://www.securityfocus.com/bid/100047
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039101
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8652
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/42445/
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/100047
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039101
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8652
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/42445/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.61658

Средний

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-8652

CVSS3: 4.3

msrc

около 8 лет назад

Microsoft Edge based on Edge HTML Information Disclosure Vulnerability

GHSA-pqgj-2f8x-9vf4