{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86761?format=json","vulnerability_id":"VCID-79wx-3ncf-4yaw","summary":"An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka \"Internet Explorer Elevation of Privilege Vulnerability.\"","aliases":[{"alias":"CVE-2017-0210"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0210","reference_id":"","reference_type":"","scores":[{"value":"0.42957","scoring_system":"epss","scoring_elements":"0.97572","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0210"},{"reference_url":"http://www.securitytracker.com/id/1038238","reference_id":"1038238","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-10T16:33:21Z/"}],"url":"http://www.securitytracker.com/id/1038238"},{"reference_url":"http://www.securityfocus.com/bid/97512","reference_id":"97512","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-10T16:33:21Z/"}],"url":"http://www.securityfocus.com/bid/97512"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210","reference_id":"CVE-2017-0210","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-10T16:33:21Z/"}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210"}],"weaknesses":[],"exploits":[{"date_added":"2022-05-24","description":"A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information.","required_action":"Apply updates per vendor instructions.","due_date":"2022-06-14","notes":"https://nvd.nist.gov/vuln/detail/CVE-2017-0210","known_ransomware_campaign_use":false,"source_date_published":null,"exploit_type":null,"platform":null,"source_date_updated":null,"data_source":"KEV","source_url":null}],"severity_range_score":"8.8 - 8.8","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79wx-3ncf-4yaw"}