CVE-2017-8617Improper Restriction of Operations within the Bounds of a Memory Buffer in Corporation Windows 10 1703

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources
Severity
7.5HIGHNVD
EPSS
24.7%
top 3.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Corporation Windows 10 1703
Timeline
PublishedJul 11
Latest updateMay 17

Description

Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages1 packages

CVEListV5microsoft_corporation/windows_10_1703Microsoft Edge

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-9f67-m6v3-rwjm: Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render w2022-05-17
CVEList
CVE-2017-8617: Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render w2017-07-11

📋Vendor Advisories

1
Microsoft
Microsoft Edge Memory Corruption Vulnerability2017-07-11

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - July 20172017-07-11
Zscaler
Zscaler found Multiple Security Vulnerabilities | 07-11-2017
CVE-2017-8617 — HIGH severity | cvebase