CVE-2017-0130

EUVD-2017-0497
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0040.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4012606
1511 (x64, x86)
KB4013198
1607 (x64, x86)
KB4013429
Windows 7
Service Pack 1 (x64, x86)
KB4012215
Windows 8.1
(x64, x86)
KB4012204
(x64, x86)
KB4012216
Windows RT 8.1
All
KB4012216
Windows Server 2008
Service Pack 2 (x64, x86)
KB4012204
Windows Server 2008 R2
Service Pack 1 (x64)
KB4012215
Windows Server 2012
Standard
KB4012217
Standard
KB4012204
Windows Server 2012 R2
Standard
KB4012204
Standard
KB4012216
Windows Server 2016
Standard
KB4013429
Windows Vista
x64 Edition
KB4012204
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/96647
http://www.securitytracker.com/id/1038008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0130
http://www.securityfocus.com/bid/96647
http://www.securitytracker.com/id/1038008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0130