Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-8652

Published: 08/08/2017 Updated: 15/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Microsoft

Vulnerability Summary

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an malicious user to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft edge

Exploits

Exploit DB: Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure
<!-- Source: bugschromiumorg/p/project-zero/issues/detail?id=1255 There is a use-after free vulnerability in Microsoft Edge that can lead to memory disclosure The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 143931198), Microsoft Edge 381439310660, Microsoft EdgeHTML 1414393 PoC: ...
Exploit DB: Microsoft Edge textarea.defaultValue Memory Disclosure
There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 143931198), Microsoft Edge 381439310660, Microsoft EdgeHTML 1414393 ...

Recent Articles

It's 2017 and Hyper-V can be pwned by a guest app, Windows by a search query, Office by...
The Register • Shaun Nichols in San Francisco • 08 Aug 2017

Update IE, Edge, Windows, SQL Server, Office and – of course – Flash

Patch Tuesday Microsoft has released the August edition of its Patch Tuesday update to address security holes in multiple products. Folks are urged to install the fixes as soon as possible before they are exploited. Among the flaws are remote code execution holes in Windows, Internet Explorer/Edge and Flash Player, plus a guest escape in Hyper-V. Of the 48 patches issued by Redmond, 25 are rated as critical security risks. Those 25 critical issues include a remote code execution vulnerability fo...

Read more...

References

CWE-200https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8652http://www.securitytracker.com/id/1039101http://www.securityfocus.com/bid/100047https://www.exploit-db.com/exploits/42445/https://nvd.nist.govhttps://www.exploit-db.com/exploits/42445/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook