vulnerability

Microsoft Windows: CVE-2017-0208: Scripting Engine Information Disclosure Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Apr 11, 2017	Apr 11, 2017	Sep 3, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Apr 11, 2017

Added

Apr 11, 2017

Modified

Sep 3, 2025

Description

An information disclosure vulnerability exists in Microsoft Edge when the Chakra scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, a.k.a. "Scripting Engine Information Disclosure Vulnerability."

Solutions

microsoft-windows-windows_10-1507-kb4015221microsoft-windows-windows_10-1511-kb4015219microsoft-windows-windows_10-1607-kb4015217microsoft-windows-windows_10-1703-kb4015583

References

BID-97460
CVE-2017-0208
https://attackerkb.com/topics/CVE-2017-0208
CWE-200
URL-https://support.microsoft.com/help/4015217
URL-https://support.microsoft.com/help/4015219
URL-https://support.microsoft.com/help/4015221
URL-https://support.microsoft.com/help/4015583

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today