CVE-2017-0012

Name of the Vulnerable Software and Affected Versions Microsoft Edge versions (affected versions not specified) Microsoft Internet Explorer versions (affected versions not specified)

Description The issue exists due to insufficient input validation in Microsoft browsers, allowing a remote attacker to bypass certificate validation using a specially crafted website. An attacker could exploit this to trick a user by redirecting them to a specially crafted website, which could spoof content or be used to chain an attack with other vulnerabilities in web services. To exploit this, the user must click a specially crafted URL.

Recommendations For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft Internet Explorer, at the moment, there is no information about a newer version that contains a fix for this vulnerability.