CVE-2017-11848
Last modified
CVE-2017-11848 is a vulnerability of currently unknown severity. Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to detect the navigation of the user leaving a maliciously crafted page, due to how page content is handled by Internet Explorer, aka "Internet Explorer Information Disclosure Vulnerability".. EPSS estimates a 7.05% chance of exploitation in the next 30 days.
Description
Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to detect the navigation of the user leaving a maliciously crafted page, due to how page content is handled by Internet Explorer, aka "Internet Explorer Information Disclosure Vulnerability".
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 11 |
References
- http://www.securityfocus.com/bid/101709Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039796Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11848Patch, Vendor Advisory
- http://www.securityfocus.com/bid/101709Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039796Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11848Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-11848?
How severe is CVE-2017-11848?
How do I fix CVE-2017-11848?
Are you affected by CVE-2017-11848?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST