HTTP: Microsoft Edge CVE-2017-0208 Integer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft Edge. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the user.

Extended Description

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Affected Products

Microsoft edge

References

CVE: CVE-2017-0208

Short Name
HTTP:STC:IE:CVE-2017-0208-IOV
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-0208 Edge Integer Microsoft Overflow
Release Date
04/11/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3795
False Positive
Unknown
Vendors

Microsoft

CVSS Score

4.3

Found a potential security threat?