Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0158)

A Use-After-Free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates the assignment of dynamic-array variables. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page.

Leave a Reply