PT-2017-18459 · Microsoft · Edge
Liu Long
·
Publicado
2017-08-08
·
Atualizado
2017-08-15
·
CVE-2017-8662
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Edge (affected versions not specified)
Description
The issue is related to the validation of strings in specific scenarios, potentially allowing an attacker to read sensitive data from memory. This could facilitate bypassing Address Space Layout Randomization (ASLR). While it does not enable arbitrary code execution on its own, it could be used in combination with another vulnerability, such as a remote code execution vulnerability, to achieve arbitrary code execution on a target system.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Edge