Lucene search
SutoZDI-17-167HistoryMar 21, 2017 - 12:00 a.m.
Microsoft Edge CTransitionValues Out-Of-Bounds Read Information Disclosure Vulnerability
2017-03-2100:00:00
Suto
www.zerodayinitiative.com
12
0.029 Low
EPSS
Percentile
90.9%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the filter attribute in CSS. By manipulating a documentâs elements an attacker can trigger a read past the end of an allocated data structure. An attacker could leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Related
symantec
symantec
Microsoft Edge CVE-2017-0011 Information Disclosure Vulnerability
2017-03-14 00:00:00
mscve
mscve
Microsoft Browser Information Disclosure Vulnerability
2017-03-14 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Information Disclosure (MS17-007: CVE-2017-0011)
2017-03-14 00:00:00
cve
cve
prion
prion
Information disclosure
2017-03-17 00:59:00
Memory corruption
2017-03-17 00:59:00
Information disclosure
2017-03-17 00:59:00
nvd
nvd
cvelist
cvelist
mskb
mskb
MS17-007: Cumulative security update for Microsoft Edge: March 14, 2017
2017-03-14 00:00:00
March 14, 2017âKB4013198 (OS Build 10586.839)
2017-03-14 07:00:00
March 14, 2017âKB4012606 (OS Build 10240.17319)
2017-03-14 07:00:00
nessus
nessus
MS17-007: Cumulative Security Update for Microsoft Edge (4013071)
2017-03-14 00:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (4013071)
2017-03-15 00:00:00
kaspersky
kaspersky
KLA10968 Multiple vulnerabilities in Microsoft Edge
2017-03-14 00:00:00
KLA10967 Multiple vulnerabilities in Microsoft Browser
2017-03-14 00:00:00