BROWSER-IE Microsoft Internet Explorer arguments type confusion attempt
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0040.
CVSS base score 7.5
CVSS impact score 5.9
CVSS exploitability score 1.6
- microsoft internet_explorer 9
- microsoft internet_explorer 10
- microsoft internet_explorer 11
Ease of attack
Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.
- Talos research team.
- This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
- For more information see nvd.