Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability." Note: Authentication is required to detect this vulnerability The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0005, CVE-2017-0025, and CVE-2017-0047. (Based on CVE version 20061101 and SANS Top 20 version 7.) For the current documentation, please log into the mySAINT portal using your customer login and password. CVE Cross Reference 2017 The information on this page may be obsolete.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |