National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): CVE-2017-0037
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 4 matching records.
Vuln ID Summary CVSS Severity
CVE-2017-0149

Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037.

Published: March 16, 2017; 08:59:04 PM -04:00
V3: 7.5 HIGH
V2: 7.6 HIGH
CVE-2017-0049

The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and CVE-2017-0037.

Published: March 16, 2017; 08:59:01 PM -04:00
V3: 4.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-0018

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149.

Published: March 16, 2017; 08:59:00 PM -04:00
V3: 7.5 HIGH
V2: 7.6 HIGH
CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

Published: February 26, 2017; 06:59:00 PM -05:00
V3: 8.1 HIGH
V2: 7.6 HIGH