Memory Corruption Vulnerability in Microsoft Internet Explorer
CVE-2017-0009
4.3MEDIUM
What is CVE-2017-0009?
Microsoft Internet Explorer versions 9 to 11 are susceptible to a memory corruption vulnerability that can be exploited by remote attackers to access sensitive information stored in process memory. This can occur through a targeted crafted website, potentially leading to unauthorized data exposure. The risk stems from inadequate handling of user inputs, which allows the attacker to trick the browser into leaking sensitive data. Mitigating this vulnerability involves ensuring that browsers are kept up to date with the latest security patches.
Affected Version(s)
Browser Internet Explorer 9 through 11 and Edge
References
EPSS Score
10% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved