CVE-2017-0228

EPSS 17.0%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 17.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

12 May 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238.

Affected products

Microsoft Corporation · Microsoft browsers

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0228 http://www.securityfocus.com/bid/98164 http://www.securitytracker.com/id/1038425 http://www.securitytracker.com/id/1038426