Spoofing Vulnerability in Microsoft Browsers Affecting SmartScreen Filter
CVE-2017-0231

4.3MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Browsers
Vendor
CVE Published:
12 May 2017

Summary

A spoofing vulnerability occurs in Microsoft browsers when the SmartScreen Filter renders content in a misleading way. This flaw can allow an attacker to present false information to users, potentially leading them to unwittingly interact with malicious websites or harmful content. As users trust the information displayed by their browser's security feature, the exploitation of this vulnerability poses significant risks to the integrity of user data and online safety.

Affected Version(s)

Microsoft browsers Windows 8.1 for 32-bit systems, Windows 8.1 for x64-based systems, Windows RT 8.1, Windows Server 2012 R2,Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems, and Windows Server 2016.

References

https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/98173
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038455
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.