PT-2017-18388 · Microsoft · Windows Server 2008+6
Masato Kinugawa
·
Published
2017-06-15
·
Updated
2022-10-18
·
CVE-2017-8529
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2
Description
An information disclosure issue exists due to affected Microsoft scripting engines not properly handling objects in memory. This could allow an attacker to detect specific files on the user's computer or read data that was not intended to be disclosed. The vulnerability could be used to obtain information in an attempt to further compromise the affected system, but it would not allow an attacker to execute code or elevate a user's rights directly.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Edge
Internet Explorer
Windows 7
Windows 8.1
Windows Rt 8.1
Windows Server 2008
Windows Server 2012