Home

CVE-2017-8497

Description

Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka Microsoft Edge Memory Corruption Vulnerability. This CVE ID is unique from CVE-2017-8496.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
14.548

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Edge Security Feature Bypass Vulnerability for Windows Server 2016 for x64-based Systems (KB4022715) - CumulativeWindows
Microsoft Edge Security Feature Bypass Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4022715) - CumulativeWindows
Microsoft Edge Security Feature Bypass Vulnerability for Windows Server 2016 for x64-based Systems (KB4022715) - DeltaWindows
Microsoft Edge Security Feature Bypass Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4022715) - DeltaWindows
Microsoft Edge Security Feature Bypass Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4022715) - CumulativeWindows
Microsoft Edge Security Feature Bypass Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4022715) - DeltaWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-22676Cumulative Update for Windows Server 2016 for x64-based Systems (KB4022715)
PATCH-22675Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4022715)
PATCH-227042017-06 Delta Update for Windows Server 2016 for x64-based Systems (KB4022715)
PATCH-226802017-06 Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4022715)
PATCH-22674Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4022715)
PATCH-226792017-06 Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4022715)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234