Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.
CVSS Details
- CVSS 3.1 Base Score: 8.1
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Msft | microsoft-windows-windows_10-1507-kb4012606microsoft-windows-windows_10-1511-kb4013198microsoft-windows-windows_10-1607-kb4013429microsoft-windows-windows_server_2016-1607-kb4013429msft-kb4012204-08c15f91-907c-4c57-b21e-8c3fb2b596bbmsft-kb4012204-11d8c304-ead4-405b-a3fe-4d8bbefde195msft-kb4012204-392767f0-f15f-4f4d-97b5-ed8af4fd39f8msft-kb4012204-44b0c526-edde-46e9-b82d-d89ca970102dmsft-kb4012204-48a4c019-d40c-4f79-9427-ecae23510b73msft-kb4012204-4b361c4c-88b1-4d65-b92f-b82e1e8c08afmsft-kb4012204-57271dfa-d8a5-46eb-b88e-9faba2ad8f02msft-kb4012204-80105fad-b280-4c2b-96f0-9c162afebd79msft-kb4012204-acc1e62c-5388-4bed-94e4-dd7e5b9259a2msft-kb4012204-b7d9cf1c-c1af-4b40-af7a-f5db8136915fmsft-kb4012204-c08dffeb-7076-48f6-90de-8d27c54ca6b4msft-kb4012204-ca98b8bc-20d4-4e95-a999-1464eb6c1996msft-kb4012204-d0657af6-edbe-498f-a2f1-f32b59086292msft-kb4012204-d9aaa579-8022-4612-93cd-ea879911cc09 | Mar 14, 2017 | Mar 14, 2017 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub