CVE-2017-0068
published 2017-03-17CVE-2017-0068: Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information…
PriorityP275medium4.3CVSS 3.0
AVNACLPRNUIRSUCLINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
15.18%
96.3th percentile
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft_corporation | edge | — | — |
| msrc | microsoft_edge_on_windows_10_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_for_x64-based_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered via a crafted web site targeting Microsoft Edge (EdgeHTML-based); monitor for suspicious Edge browser process memory access patterns or anomalous Edge renderer behavior when visiting attacker-controlled or compromised websites. ↗
- →Attack vector is web-based; attacker hosts or compromises a website with specially crafted content — consider monitoring for user navigation to newly registered or low-reputation domains via Edge (EdgeHTML). ↗
- →Root cause is improper handling of objects in memory by Microsoft Edge (EdgeHTML); patch verification should confirm KB4012606, KB4013198, or KB4013429 is applied. ↗
- ·Exploit status is confirmed as NOT publicly exploited and NOT publicly disclosed at time of advisory; exploitation is rated 'Less Likely' for the latest software release, reducing urgency but not eliminating risk. ↗
- ·This vulnerability is distinct from four related Microsoft Edge information disclosure CVEs (CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, CVE-2017-0065); detections or patches for those do not cover this CVE. ↗
CVSS provenance
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vulncheck4.3MEDIUM
vendor_msrc4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qh2j-hcp8-r23w: The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive informa
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0017 [MEDIUM] CWE-79 GHSA-qh2j-hcp8-r23w: The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive informa
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-53gv-m53j-xw4v: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Micro
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0009 [MEDIUM] CWE-200 GHSA-53gv-m53j-xw4v: Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Micro
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-322g-5x7j-7fgm: Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerabilit
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0011 [MEDIUM] CWE-200 GHSA-322g-5x7j-7fgm: Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerabilit
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.
GHSA
GHSA-33q8-hj9q-xc35: Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Info
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0068 [MEDIUM] CWE-200 GHSA-33q8-hj9q-xc35: Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Info
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
GHSA
GHSA-m792-56jx-j3hj: Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-0065 [MEDIUM] CWE-200 GHSA-m792-56jx-j3hj: Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.
VulnCheck
Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
vulncheck·2017·CVSS 4.3
CVE-2017-0068 [MEDIUM] Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
Microsoft Edge Exposure of Sensitive Information to an Unauthorized Actor
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0065.
Affected: Microsoft Edge
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.fortinet.com/content/dam/fortinet/assets/threat-reports/threat-landscape-report-2h-2023.pdf
Microsoft
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
vendor_msrc·2017-03-14·CVSS 4.3
CVE-2017-0068 [MEDIUM] Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/96649http://www.securitytracker.com/id/1038006https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0068http://www.securityfocus.com/bid/96649http://www.securitytracker.com/id/1038006https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0068
2017-03-17
Published
Exploited in the wild