| ID |
CVE-2017-0066
|
| Summary |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.0 (as of 03-10-2019 - 00:03) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:P/I:P/A:N
|
| msbulletin
via4
|
| bulletin_id | MS17-007 | | bulletin_url | | | date | 2017-03-14T00:00:00 | | impact | Remote Code Execution | | knowledgebase_id | 4013071 | | knowledgebase_url | | | severity | Critical | | title | Cumulative Security Update for Microsoft Edge |
|
| refmap
via4
|
|
| Last major update |
03-10-2019 - 00:03 |
| Published |
17-03-2017 - 00:59 |
| Last modified |
03-10-2019 - 00:03 |
