CVE-2017-8634
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.
Published
2017-08-08T21:29:00.893
Last Modified
2025-04-20T01:37:25.860
Status
Deferred
Source
[email protected]
Severity
CVSSv3.0: 7.5 (HIGH)
CVSSv2 Vector
AV:N/AC:H/Au:N/C:C/I:C/A:C
- Access Vector: NETWORK
- Access Complexity: HIGH
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
4.9
Impact Score
10.0
Weaknesses
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/100043
Third Party Advisory, VDB Entry
([email protected])
-
http://www.securitytracker.com/id/1039095
Third Party Advisory, VDB Entry
([email protected])
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8634
Patch, Vendor Advisory
([email protected])
-
https://www.exploit-db.com/exploits/42474/
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/100043
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id/1039095
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8634
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://www.exploit-db.com/exploits/42474/
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)