CVE-2017-0012 — Improper Input Validation in Corporation Browser
Severity
4.3MEDIUMNVD
EPSS
8.4%
top 7.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 17
Latest updateMay 17
Description
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages4 packages
Patches
🔴Vulnerability Details
6GHSA▶
GHSA-xrh4-xh5j-cjm2: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing↗2022-05-17
GHSA▶
GHSA-r538-cxj6-r3pj: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing↗2022-05-17
GHSA▶
GHSA-23g7-23q4-2x6g: Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability↗2022-05-17
CVEList▶
CVE-2017-0012: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing↗2017-03-17
CVEList▶
CVE-2017-0033: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing↗2017-03-17
📋Vendor Advisories
1🕵️Threat Intelligence
2💬Community
1Bugzilla
▶