CVE-2017-8637

medium

Description

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability".

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8637

http://www.securitytracker.com/id/1039095

http://www.securityfocus.com/bid/100045

Details

Source: Mitre, NVD

Published: 2017-08-08

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium