Medium severity4.3NVD Advisory· Published Sep 13, 2017· Updated May 13, 2026

CVE-2017-8736

Description

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the parent domain, due to Microsoft browser parent domain verification in certain functionality, aka "Microsoft Browser Information Disclosure Vulnerability".

Affected products

Microsoft Corporation/Internet Explorer, Microsoft Edgev5
Range: Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
Microsoft/Edge
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8736nvdPatchVendor Advisory
www.securityfocus.com/bid/100743nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039342nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039343nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.014
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000