CVE-2017-8750 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-8750 PUBLISHED CVSS 7.5 HIGH

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability".

EPSS 24.33% · 96.0th percentile

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

24.33%

96.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft Corporation	Internet Explorer, Microsoft Edge	Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
microsoft	edge
microsoft	internet_explorer	11, 11

Timeline

Sep 13, 2017 CVE Published
Oct 9, 2020 PoC Published
Apr 14, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 29, 2023 EPSS Score

References

100771 vdb
1039342 vdb
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8750 url
1039343 vdb
https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/ advisory
https://nvd.nist.gov/vuln/detail/CVE-2017-8750 advisory

Open in Interactive Console →