CVE-2017-0202

HIGH

Microsoft Internet Explorer - Memory Corruption

Title source: rule

Description

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · htmldoswindows

https://www.exploit-db.com/exploits/41941

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/97441

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0202

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/41941/

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038238

Scores

CVSS v3 7.5

EPSS 0.6187

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (2)

microsoft/internet_explorer 11

Microsoft Corporation/Internet Explorer Internet Explorer 11

Published Apr 12, 2017

Tracked Since Feb 18, 2026