CVE-2017-8637

EUVD-2017-17586
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
microsoftedge
*
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
1703 (x64, x86)
KB4034674
References
http://www.securityfocus.com/bid/100045
http://www.securitytracker.com/id/1039095
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8637
http://www.securityfocus.com/bid/100045
http://www.securitytracker.com/id/1039095
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8637