VDB
CVE-2017-0238
CVE-2017-0238
PUBLISHED
CVSS 7.5 HIGH
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236.
EPSS 21.37% · 95.8th percentile
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
21.37%
95.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows | |
| Microsoft Corporation | Microsoft browsers | Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows 8.1 for 32-bit systems, Windows 8.1 for x64-based systems, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems, and Windows Server 2016. |
| microsoft | internet_explorer | 9, 10, 11 |
| microsoft | edge |
Exploit Intelligence
Timeline
- May 10, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 22, 2023 EPSS Score
- May 13, 2023 EPSS Score
References
- https://helpx.adobe.com/security/products/flash-player/apsb17-15.html advisory
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/bc365363-f51e-e711-80da-000d3a32fc99 advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0238 url
- 98237 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2017-0238 advisory