Endpoint VulnerabilityMicrosoft Browser CVE-2017-8592 Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. The vulnerability allows Microsoft browsers to bypass CORS redirect restrictions, and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice.
Affected Applications
Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Microsoft Edge
Windows 10
Windows 7
Windows 8
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Server 2016
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2019-09-11 | 1.00194 |
Modified
|
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2019-03-26 | 1.00183 |
Modified
|
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2019-01-08 | 1.00178 |
Modified
|
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2018-05-09 | 1.00161 |
Modified
|
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2018-04-10 | 1.00157 |
Modified
|
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2018-02-15 | 1.00155 |
Modified
|
Internet Explorer 11,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2017-11-17 | 1.00149 |
Modified
|
Internet Explorer 11,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2017-09-12 | 1.00146 |
Modified
|
Internet Explorer 11,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2017-08-28 | 1.00145 |
Modified
|
Internet Explorer 11,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| 2017-08-08 | 1.00143 |
Modified
|
Internet Explorer 11,Microsoft Edge,Windows 10,Windows 7,Windows 8,Windows RT 8. 1,Windows Server 2008,Windows Server 2012,Windows Server 2016 |
| ID | 36319 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| CVE ID | |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Internet Explorer 10 , Internet Explorer 11 , Internet Explorer 9 , Microsoft Edge , Windows 10 , Windows 7 , Windows 8 , Windows RT 8.1 , Windows Server 2008 , Windows Server 2012 , Windows Server 2016 |