CVE-2017-0009

4.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Browser
Vendor: CVE Published:; 17 March 2017

Summary

Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068.

Affected Version(s)

Browser Internet Explorer 9 through 11 and Edge

References

http://www.securityfocus.com/bid/96077

vdb-entryx_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.security-assessment.com/files/documents/adviso...

x_refsource_MISC

EPSS Score

23% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 17, 2017
Vulnerability Reserved
Sep 9, 2016

Collectors

NVD DatabaseMitre Database

.