CVE-2017-0009
published 2017-03-17CVE-2017-0009: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft…
PriorityP432medium4.3CVSS 3.0
AVNACLPRNUIRSUCLINAN
EPSS
39.62%
98.4th percentile
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft_corporation | edge | — | — |
| microsoft_corporation | internet_explorer | — | — |
| msrc | internet_explorer_10 | — | — |
| msrc | internet_explorer_11 | — | — |
| msrc | internet_explorer_9 | — | — |
| msrc | microsoft_edge | — | — |
CVSS provenance
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vulncheck4.3MEDIUM
vendor_msrc2.4LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-36pj-p9j3-7rr9: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0059 [MEDIUM] CWE-200 GHSA-36pj-p9j3-7rr9: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009.
GHSA
GHSA-qh2j-hcp8-r23w: The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive informa
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0017 [MEDIUM] CWE-79 GHSA-qh2j-hcp8-r23w: The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive informa
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-53gv-m53j-xw4v: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Micro
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0009 [MEDIUM] CWE-200 GHSA-53gv-m53j-xw4v: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Micro
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-h79h-p55m-548h: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0008 [MEDIUM] CWE-200 GHSA-h79h-p55m-548h: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Inter
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059.
GHSA
GHSA-322g-5x7j-7fgm: Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerabilit
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0011 [MEDIUM] CWE-200 GHSA-322g-5x7j-7fgm: Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerabilit
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-33q8-hj9q-xc35: Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Info
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0068 [MEDIUM] CWE-200 GHSA-33q8-hj9q-xc35: Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Info
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
GHSA
GHSA-m792-56jx-j3hj: Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0065 [MEDIUM] CWE-200 GHSA-m792-56jx-j3hj: Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.
VulnCheck
Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
vulncheck·2017·CVSS 4.3
CVE-2017-0068 [MEDIUM] Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
Affected: Microsoft Edge
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.fortinet.com/content/dam/fortinet/assets/threat-reports/threat-landscape-report-2h-2023.pdf
VMware
VMware Workstation update addresses multiple security issues
vendor_vmware·2017-05-18·CVSS 7.8
CVE-2017-4915 [HIGH] VMware Workstation update addresses multiple security issues
VMSA-2017-0009: VMware Workstation update addresses multiple security issues
a. VMware Workstation Insecure library loading vulnerability VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine. VMware would like to thank Jann Horn of Google Project Zero for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4915 to this issue. Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Product Version Running on Severity Repl
Microsoft
Microsoft Browser Information Disclosure Vulnerability
vendor_msrc·2017-03-14·CVSS 2.4
CVE-2017-0009 [MEDIUM] Microsoft Browser Information Disclosure Vulnerability
Microsoft Browser Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action
No detection rules found.
Exploit-DB
Dell EMC Isilon OneFS - Multiple Vulnerabilities
exploitdb·2018-02-14·CVSS 4.8
CVE-2018-1213 [MEDIUM] Dell EMC Isilon OneFS - Multiple Vulnerabilities
Dell EMC Isilon OneFS - Multiple Vulnerabilities
---
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
Dell EMC Isilon OneFS Multiple Vulnerabilities
1. **Advisory Information**
Title: Dell EMC Isilon OneFS Multiple Vulnerabilities
Advisory ID: CORE-2017-0009
Advisory URL:
http://www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilities
Date published: 2018-02-14
Date of last update: 2018-02-14
Vendors contacted: Dell EMC
Release mode: Coordinated release
2. **Vulnerability Information**
Class: Cross-Site Request Forgery [CWE-352], Improper Privilege
Management [CWE-269], Improper Privilege Management [CWE-269], Improper
Neutralization of Input During Web Page Generation [CWE-79], Improper
Neutralization of Input During Web Page Generation [CWE-
Exploit-DB
VMware Workstation 12 Pro - Denial of Service
exploitdb·2017-06-08
CVE-2017-4916 VMware Workstation 12 Pro - Denial of Service
VMware Workstation 12 Pro - Denial of Service
---
/*
* Title: NULL pointer dereference vulnerability in vstor2 driver (VMware Workstation Pro/Player)
* CVE: 2017-4916 (VMSA-2017-0009)
* Author: Borja Merino (@BorjaMerino)
* Date: May 18, 2017
* Tested on: Windows 10 Pro and Windows 7 Pro (SP1) with VMware® Workstation 12 Pro (12.5.5 build-5234757)
* Affected: VMware Workstation Pro/Player 12.x
* Description: This p0c produces a BSOD by sending a specific IOCTL code to the vstor2_mntapi20_shared device
* driver due to a double call to IofCompleteRequest (generating a MULTIPLE_IRP_COMPLETE_REQUESTS bug check)
*/
#include "windows.h"
#include "stdio.h"
void ioctl_crash()
{
HANDLE hfile;
WCHAR *vstore = L"\\\\.\\vstor2-mntapi20-shared";
DWORD dummy;
char reply[0x3FDC];
hfile = CreateFileW(
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Exploits & Vulnerabilities
# March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro
2017/03/15
Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB). This vulnerability potentially allows cyber criminals to render affected system
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Ausnutzung von Schwachstellen
## March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro Mar 15, 2017 Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012 , which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB) . This vulnerability potentially allows cyber criminals to render affected
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Sfruttamento vulnerabilità
## March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro Mar 15, 2017 Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012 , which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB) . This vulnerability potentially allows cyber criminals to render affected sy
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Exploits y vulnerabilidades
## March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro Mar 15, 2017 Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012 , which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB) . This vulnerability potentially allows cyber criminals to render affected s
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Exploits & Vulnerabilities
## March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro 2017/03/15 Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012 , which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB) . This vulnerability potentially allows cyber criminals to render affected syst
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins
blogs_trendmicro·2017-03-15·CVSS 7.8
CVE-2017-0016 [HIGH] March 2017 Patch Tuesday: 18 Security Bulletins
Exploits & Vulnerabilities
## March 2017 Patch Tuesday: 18 Security Bulletins
Patch Tuesday for March is hefty, with essentially two months’ worth of updates after Microsoft delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016.
By: Trend Micro Mar 15, 2017 Read time: ( words)
Save to Folio
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012 , which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB) . This vulnerability potentially allows cyber criminals to render affected sy
Zscaler
Zscaler found Multiple Security Vulnerabilities | 03-14-2017
blogs_zscaler
Zscaler found Multiple Security Vulnerabilities | 03-14-2017
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Bugzilla
CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities
bugzilla·2017-03-22·CVSS 9.8
CVE-2017-2641 [CRITICAL] CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities
CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities
Multiple security issues were fixed in the latest moodle release.
MSA-17-0005: SQL injection via user preferences
MSA-17-0007: Global search displays user names for unauthenticated users
MSA-17-0008: XSS in evidence of prior learning
MSA-17-0009: XSS in attachments to evidence of prior learning
References:
https://moodle.org/mod/forum/discuss.php?d=349027#p1408104
Discussion:
Created moodle tracking bugs for this issue:
Affects: epel-7 [bug 1434721]
Affects: fedora-all [bug 1434720]
http://www.security-assessment.com/files/documents/advisory/comparestring_infoleak.pdfhttp://www.securityfocus.com/bid/96077http://www.securitytracker.com/id/1038006https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0009http://www.security-assessment.com/files/documents/advisory/comparestring_infoleak.pdfhttp://www.securityfocus.com/bid/96077http://www.securitytracker.com/id/1038006https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0009
2017-03-17
Published