ID |
CVE-2017-0037
|
Summary |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.6 (as of 19-11-2017 - 02:29) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-704 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
HIGH |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
msbulletin
via4
|
bulletin_id | MS17-006 | bulletin_url | | date | 2017-03-14T00:00:00 | impact | Remote Code Execution | knowledgebase_id | 4013073 | knowledgebase_url | | severity | Critical | title | Cumulative Security Update for Internet Explorer |
bulletin_id | MS17-007 | bulletin_url | | date | 2017-03-14T00:00:00 | impact | Remote Code Execution | knowledgebase_id | 4013071 | knowledgebase_url | | severity | Critical | title | Cumulative Security Update for Microsoft Edge |
|
refmap
via4
|
|
saint
via4
|
bid | 96088 | description | Internet Explorer mshtml.dll Memory Corruption Vulnerability | id | win_patch_ie_v11 | title | ie_mshtmldll_memory_corruption | type | client |
|
Last major update |
19-11-2017 - 02:29 |
Published |
26-02-2017 - 23:59 |
Last modified |
19-11-2017 - 02:29 |