CVE-2017-8750

high

Description

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".

References

http://www.securityfocus.com/bid/100771

http://www.securitytracker.com/id/1039342

http://www.securitytracker.com/id/1039343

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8750

Details

Source: MITRE

Published: 2017-09-13

Updated: 2017-09-18

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.6

Severity: HIGH