Lucene search

[email protected]CVE-2017-8661

HistoryAug 08, 2017 - 9:29 p.m.

CVE-2017-8661

2017-08-0821:29:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-8661

microsoft edge

windows 10

windows server 2016

memory corruption

nvd

security vulnerability

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way affected Microsoft scripting engines render when handling objects in memory, aka “Microsoft Edge Memory Corruption Vulnerability”.

Affected configurations

Vulners

NVD

Node

microsoft corporationedgeMatchMicrosoft Windows 10 1607, 1703, and Windows Server 2016.

VendorProductVersionCPE
microsoft corporationedgeMicrosoft Windows 10 1607, 1703, and Windows Server 2016.cpe:2.3:a:microsoft corporation:edge:Microsoft Windows 10 1607, 1703, and Windows Server 2016.:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft corporation	edge	Microsoft Windows 10 1607, 1703, and Windows Server 2016.	cpe:2.3:a:microsoft corporation:edge:Microsoft Windows 10 1607, 1703, and Windows Server 2016.:::::::*

CNA Affected

[
  {
    "product": "Microsoft Edge",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Windows 10 1607, 1703, and Windows Server 2016."
      }
    ]
  }
]