CVE-2017-0059
MEDIUM KEVMicrosoft Internet Explorer - Information Disclosure
Title source: ruleDescription
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · htmldoswindows
https://www.exploit-db.com/exploits/41661
exploitdb
WORKING POC
by redr2e · htmlremotewindows_x86-64
https://www.exploit-db.com/exploits/42354
exploitdb
WORKING POC
VERIFIED
by mschenk · htmlremotewindows_x86
https://www.exploit-db.com/exploits/43125
References (7)
Scores
CVSS v3
4.3
EPSS
0.8390
EPSS Percentile
99.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Exploitation Intel
CISA KEV
2022-03-28
VulnCheck KEV
2017-08-30
InTheWild.io
2017-08-17
ENISA EUVD
EUVD-2017-0426
Classification
Status
published
Affected Products (4)
microsoft/internet_explorer
microsoft/internet_explorer
microsoft/internet_explorer
Microsoft Corporation/Internet Explorer
< Internet Explorer 9 through 11
Timeline
Published
Mar 17, 2017
KEV Added
Mar 28, 2022
Tracked Since
Feb 18, 2026