CVE-2017-0028: Buffer Overflow
First published: Fri Jul 14 2017(Updated: )
A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user, aka "Scripting Engine Memory Corruption Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Edge |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-0028?
CVE-2017-0028 is classified as a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2017-0028?
To fix CVE-2017-0028, ensure that you have installed the latest security updates provided by Microsoft for your Edge browser.
Who is affected by CVE-2017-0028?
CVE-2017-0028 affects users of Microsoft Edge who have not updated to the patched versions released by Microsoft.
What type of attack is associated with CVE-2017-0028?
CVE-2017-0028 is associated with remote code execution attacks that can allow an attacker to execute arbitrary code on a victim's system.
What is the potential impact of exploiting CVE-2017-0028?
Exploiting CVE-2017-0028 could lead to a complete compromise of the affected system, allowing unauthorized access and control.
- agent/type
- agent/softwarecombine
- agent/references
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- agent/source
- vendor/microsoft
- canonical/microsoft edge