Memory Corruption Vulnerability in Microsoft Internet Explorer across Various Windows Versions
CVE-2017-8618

7.5HIGH

Key Information:

Vendor
Microsoft
Status
Windows 7 Sp1, Windows Server 2008 R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016
Vendor
CVE Published:
11 July 2017

Summary

This vulnerability in Microsoft Internet Explorer occurs due to issues in the way the scripting engines handle objects in memory. An attacker could exploit this flaw to execute arbitrary code or cause a denial of service. The affected versions span a range of Windows operating systems, highlighting the broad impact of this vulnerability. It is essential for users to apply necessary patches and updates to mitigate the risk associated with this weakness.

Affected Version(s)

Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer

References

http://www.securitytracker.com/id/1038848
vdb-entryx_refsource_SECTRACK
https://www.exploit-db.com/exploits/42337/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/99399
vdb-entryx_refsource_BID

EPSS Score

88% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.