Medium severity6.5NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-0196

Description

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

Affected products

Microsoft/Edge
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
Microsoft Corporation/Microsoft ChakraCorev5
Range: Microsoft ChakraCore

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Microsoft/ChakraCore/commit/065b7978c40ded35c356ced6cd922a40156c9c46nvdIssue TrackingPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.015
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000