Microsoft Edge allows remote attackers to access to arbitrary local files via a crafted HTML request that targets the Local File Picker, aka “Microsoft Edge Elevation of Privilege Vulnerability.” CVE-2017-8110 Microsoft ChakraCore/Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-8112.
CVE-2017-1104 Microsoft ChakraCore/Edge A remote code execution vulnerability in Microsoft Edge could be exploited to execute arbitrary code when Microsoft Edge does not properly parse HTML. The vulnerability could be exploited to execute arbitrary code. This CVE ID is unique from CVE-2017-1105.
CVE-2017-1105 Microsoft ChakraCore/Edge A remote code execution vulnerability in Microsoft Edge could be exploited to execute arbitrary code when Microsoft Edge fails to properly handle specific HTML content. The vulnerability could be exploited to execute arbitrary code. This CVE ID is unique from CVE-2017-1104.
CVE-2017-1109 Microsoft Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1110.
Microsoft Edge (Chakra) Core CVE-2017-8112
A remote code execution vulnerability exists when Microsoft Edge does not properly parse HTML. The vulnerability could allow remote code execution. This CVE ID is unique from CVE-2017-8110.
Microsoft Edge Go To An Issue
A vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1110.
Microsoft Office/Office Server Software
CVE-2017-1110 Microsoft Edge An information disclosure vulnerability in Microsoft Edge could allow an attacker to potentially disclose sensitive information when parsing HTML. The vulnerability could be exploited to potentially disclose sensitive information when parsing HTML. This CVE ID is unique from CVE-2017-1109.
CVE-2017-1112 Microsoft Word A remote code execution vulnerability in Microsoft Word could be exploited to execute arbitrary code when a user opens a specially crafted Office document or visits a malicious website that contains embedded Office content. The vulnerability could be exploited to execute arbitrary code in the context of the current user. This CVE ID is unique from CVE-2017-8114 and CVE-2017-8115.
Microsoft Edge Multiple Vulnerabilities
The vulnerabilities are in the Microsoft Edge browser. They affect Microsoft Edge and Microsoft ChakraCore/Edge. The flaws have been labeled CVE-2017-8110, CVE-2017-1104, CVE-2017-1105, and CVE-2017-1109. They are all unique from each other because of different specificities.
Timeline
Published on: 01/11/2022 21:15:00 UTC
Last modified on: 08/10/2022 20:15:00 UTC