HTTP: Microsoft Edge CVE-2017-0034 Access Violation
This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to access violation.
Extended Description
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Products
Microsoft edge
References
CVE: CVE-2017-0034
Short Name
HTTP:STC:IE:CVE-2017-0034-AV
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Access CVE-2017-0034 Edge Microsoft Violation
Release Date
03/14/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.6