CVE-2017-0037
CVE-2017-0037
In short
Internet Explorer 10, 11, and Microsoft Edge contain a flaw where specially crafted CSS and JavaScript code can confuse the browser about data types, allowing attackers to run malicious code on your computer. This happens when visiting a malicious website.
Technical detail
Type confusion vulnerability in mshtml.dll's Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function exploitable via crafted CSS token sequences combined with JavaScript DOM manipulation of TH elements. Remote code execution is possible without user authentication beyond visiting a malicious webpage; exploitation requires the victim to access attacker-controlled content.
Summary generated and translated by AI from the official description.
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft Corporation · Internet Browserpublic PoCs found — 7
githubgithub.com/chattopadhyaykittu/CVE-2017-0037★ 0exploitdbwww.exploit-db.com/exploits/41454unverifiedcve_referencewww.exploit-db.com/exploits/43125/unverifiedexploitdbwww.exploit-db.com/exploits/42354unverifiedcve_referencewww.exploit-db.com/exploits/41454/unverifiedcve_referencewww.exploit-db.com/exploits/42354/unverifiedexploitdbwww.exploit-db.com/exploits/43125unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://0patch.blogspot.si/2017/03/0patching-another-0-day-internet.htmlhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1011https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0037https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-0037https://www.exploit-db.com/exploits/41454/https://www.exploit-db.com/exploits/42354/https://www.exploit-db.com/exploits/43125/http://www.securityfocus.com/bid/96088http://www.securitytracker.com/id/1037905http://www.securitytracker.com/id/1037906