CVE-2017-0037
Microsoft Edge and Internet Explorer Type Confusion Vulnerability
CVSS
—
No CVSS
EPSS
80.4%
p100
KEV
YES
Mar 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
80.4%EPSS · 30 days80.4%
2026-06-302026-07-16
Product
Microsoft / Edge and Internet Explorer
Vulnerability
Microsoft Edge and Internet Explorer Type Confusion Vulnerability
Added to KEV
Mar 28, 2022
Remediate by
Apr 18, 2022
Known ransomware use
No
Summary description
Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0037
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-0878—84.2%
KEV—75Microsoft Edge and Internet Explorer Memory Corruption Vulnerability—