CVE-2017-11855

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11856.

Published: Nov 15, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-11855
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / internet_explorer	11	11.x
microsoft / internet_explorer	10	10.x
microsoft / internet_explorer	9	9.x

http://www.securityfocus.com/bid/101751
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11855
https://www.exploit-db.com/exploits/43371/

Vulnerability Database

289,599

CVE-2017-11855