HTTP: Microsoft Edge CVE-2017-8652 Use After Free
A use-after-free vulnerability has been reported in Microsoft Edge Thus vulnerability is due to improper access of objects in memory. Successful exploitation would allow the attacker to gain sensitive information.
Extended Description
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8662.
Short Name
HTTP:STC:IE:CVE-2017-8652-UAF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2017-8652 Edge Free Microsoft Use bid:100047
Release Date
08/29/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3797
False Positive
Unknown
CVSS Score
4.3