CVE-2017-11810: Buffer Overflow
First published: Fri Oct 13 2017(Updated: )
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | =9 | |
| Microsoft Windows Server | =sp2 | |
| Internet Explorer | =10 | |
| Microsoft Windows Server | ||
| Internet Explorer | =11 | |
| Windows 10 | ||
| Windows 10 | =1511 | |
| Windows 10 | =1607 | |
| Windows 10 | =1703 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =sp1 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-11810?
The severity of CVE-2017-11810 is classified as critical due to the potential for remote code execution.
How do I fix CVE-2017-11810?
To fix CVE-2017-11810, install the latest security updates provided by Microsoft for affected versions of Internet Explorer.
Which versions of Internet Explorer are affected by CVE-2017-11810?
CVE-2017-11810 affects Internet Explorer versions 9, 10, and 11.
Can CVE-2017-11810 allow an attacker to gain elevated privileges?
Yes, CVE-2017-11810 can allow an attacker to execute arbitrary code in the context of the current user, potentially leading to elevated privileges.
Is CVE-2017-11810 present in Windows 10 and Windows Server 2016?
CVE-2017-11810 is present in Windows 10 versions prior to the latest updates and affects some legacy Internet Explorer functionalities.
- agent/references
- agent/type
- agent/weakness
- agent/author
- agent/remedy
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/9
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/internet explorer/10
- version/internet explorer/11
- canonical/windows 10
- version/windows 10/1511
- version/windows 10/1607
- version/windows 10/1703
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows
- canonical/microsoft windows rt
- version/microsoft windows server/sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016