CVE-2017-8739

Опубликовано: 13 сент. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Средний

Описание

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".

Ссылки

http://www.securityfocus.com/bid/100761
Third Party Advisory
http://www.securitytracker.com/id/1039342
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8739
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100761
Third Party Advisory
http://www.securitytracker.com/id/1039342
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8739
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13004

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-8739

CVSS3: 4.3

msrc

почти 8 лет назад

Scripting Engine Information Disclosure Vulnerability

GHSA-2frf-49c5-28xj

CVSS3: 4.3

github

около 3 лет назад

EPSS

Процентиль: 94%

0.13004

Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200