Remote Code Execution Vulnerability in Microsoft Browsers
CVE-2017-0010

7.5HIGH

Key Information:

Vendor

Microsoft
Status
Browser
Vendor
CVE Published:
17 March 2017

What is CVE-2017-0010?

A vulnerability exists in the Microsoft scripting engines which improperly handle objects in memory within affected Microsoft browsers. This flaw may enable an attacker to execute arbitrary code under the context of the current user. Successful exploitation could allow an attacker to gain the same user rights as the logged-in user, potentially compromising the system significantly. If an administrative user is affected, the attacker could install software, manipulate data, or create new user accounts with full privileges. This vulnerability is noteworthy and distinct from other similar vulnerabilities in the Microsoft ecosystem.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Browser Browser

References

http://www.securityfocus.com/bid/96059
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038006
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

EPSS Score

25% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.