CNVD-2017-03552 — Vulnetix

CNVD-2017-03552 PUBLISHED

Microsoft Edge是一款win10自带的WEB浏览器。 Microsoft Edge脚本引擎存在内存破坏漏洞。远程攻击者可利用该漏洞构建恶意WEB页，诱使用户解析，可使应用程序崩溃或执行任意代码。

Affected Products

Vendor	Product	Versions
Microsoft Corporation	Browser	Browser

Exploit Intelligence

A full exploit of CVE-2017-3000 on Flash Player Constant Blinding PRNG (github-poc)
A full exploit of CVE-2017-3000 on Flash Player Constant Blinding PRNG (github-poc)
Exploiting Edge's read:// urlhandler (github-poc)
Exploiting Edge's read:// urlhandler (github-poc)
chattopadhyaykittu/CVE-2017-0037 (github-poc)
chattopadhyaykittu/CVE-2017-0037 (github-poc)
96079 (circl)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0015 (circl)
1038006 (circl)

Timeline

Feb 26, 2017 CVE Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›