High severity7.5NVD Advisory· Published Apr 12, 2017· Updated May 13, 2026

CVE-2017-0093

Description

A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0201.

Affected products

Microsoft/Edge2 versions
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
- (no CPE)range: Edge

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0093nvdPatchVendor Advisory
www.securityfocus.com/bid/97419nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038234nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.017
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000