CVE

CVE-2017-0037 (edge, internet_explorer)

CVE-2017-0037 (edge, internet_explorer)

Microsoft Internet Explorer 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.

Source: CVE-2017-0037 (edge, internet_explorer)

Exit mobile version