Remote Code Execution Vulnerability in Microsoft Browsers
CVE-2017-0015
7.5HIGH
What is CVE-2017-0015?
A vulnerability exists in Microsoft scripting engines that improperly handle objects in memory. This flaw could allow an attacker to execute arbitrary code in the context of the current user. If exploited, the attacker could gain the same permissions as the user, including administrative rights, enabling them to install programs, view, change, or delete data and create new user accounts. This vulnerability poses significant risks, particularly if it affects users operating with elevated privileges.
Affected Version(s)
Browser Browser
References
EPSS Score
26% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved