CVE-2017-8750 — Vulnetix

CVE-2017-8750 PUBLISHED CVSS 7.5 HIGH

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".

EPSS 21.95% · 95.9th percentile

Risk Scores

CVSS 3.0

7.5

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

21.95%

95.9th percentile

Affected Products

Vendor	Product	Versions
Microsoft Corporation	Internet Explorer, Microsoft Edge	Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
microsoft	edge
microsoft	internet_explorer	11, 11

Exploit Intelligence

CIRCL seen: CVE-2017-8750 (circl-sighting)
100771 (circl)
1039342 (circl)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8750 (circl)
1039343 (circl)

Timeline

Sep 13, 2017 CVE Published
Oct 9, 2020 PoC Published
Apr 14, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 4, 2022 EPSS Score
May 2, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Nov 6, 2022 EPSS Score
Jan 8, 2023 EPSS Score
Mar 11, 2023 EPSS Score
May 29, 2023 EPSS Score

References

100771 vdb
1039342 vdb
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8750 url
1039343 vdb
https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/ advisory
https://nvd.nist.gov/vuln/detail/CVE-2017-8750 advisory

Open in Interactive Console →