CVE-2017-0008 — Sensitive Information Exposure in Corporation Internet Explorer
Severity
4.3MEDIUMNVD
EPSS
11.4%
top 6.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 17
Latest updateMay 17
Description
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages2 packages
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-36pj-p9j3-7rr9: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter↗2022-05-17
GHSA▶
GHSA-h79h-p55m-548h: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter↗2022-05-17
CVEList▶
CVE-2017-0008: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter↗2017-03-17
CVEList▶
CVE-2017-0059: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter↗2017-03-17
💥Exploits & PoCs
1Exploit-DB▶
Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execution / Cron Job Injection / Local File Inclusion / Stored Cross-Site Scripting / Improper Access Con↗2017-12-19
📋Vendor Advisories
1🕵️Threat Intelligence
9💬Community
1Bugzilla▶
CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities↗2017-03-22