CVE-2017-8652
Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662.
Microsoft Edge en Microsoft Windows 10 Gold, 1511, 1607, 1703, y Windows Server 2016 permite que un atacante revele informaciĆ³n debido a la forma en la que Microsoft Edge gestiona los objetos en la memoria. Esto tambiĆ©n se conoce como "Microsoft Edge Information Disclosure Vulnerability". Este ID CVE es exclusivo de CVE-2017-8644 y CVE-2017-8662.
There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-05-03 CVE Reserved
- 2017-08-08 CVE Published
- 2024-08-20 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/100047 | Third Party Advisory | |
http://www.securitytracker.com/id/1039101 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/42445 | 2024-09-16 |
URL | Date | SRC |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8652 | 2017-08-15 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | - |
Safe
|
Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1511 Search vendor "Microsoft" for product "Windows 10" and version "1511" | - |
Safe
|
Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1607 Search vendor "Microsoft" for product "Windows 10" and version "1607" | - |
Safe
|
Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1703 Search vendor "Microsoft" for product "Windows 10" and version "1703" | - |
Safe
|
Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2016 Search vendor "Microsoft" for product "Windows Server 2016" | * | - |
Safe
|