CVE-2017-0037

HIGH KEV

Microsoft Edge - Type Confusion

Title source: rule

Description

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

Exploits (4)

exploitdb WORKING POC VERIFIED
by mschenk · htmlremotewindows_x86
https://www.exploit-db.com/exploits/43125
exploitdb WORKING POC VERIFIED
by Google Security Research · htmldoswindows
https://www.exploit-db.com/exploits/41454
exploitdb WORKING POC
by redr2e · htmlremotewindows_x86-64
https://www.exploit-db.com/exploits/42354
nomisec WRITEUP
by chattopadhyaykittu · poc
https://github.com/chattopadhyaykittu/CVE-2017-0037

References (10)

Scores

CVSS v3 8.1
EPSS 0.9059
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-28
VulnCheck KEV 2017-08-30
InTheWild.io 2017-08-17
ENISA EUVD EUVD-2017-0404
CWE
CWE-843
Status published
Products (3)
microsoft/edge
microsoft/internet_explorer 11
Microsoft Corporation/Internet Browser Internet Explorer 10 and 11 and Edge
Published Feb 26, 2017
KEV Added Mar 28, 2022
Tracked Since Feb 18, 2026