CVE-2017-0208

EPSS 15.3%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 15.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

12 Apr 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Affected products

Microsoft Corporation · Edge

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0208 http://www.securityfocus.com/bid/97460 http://www.securitytracker.com/id/1038234