Vulnerability CVE-2017-0211

Vulnerability CVE-2017-0211

Published: 2017-04-12

Description:

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability."

Type:

CWE-610

(Externally Controlled Reference to a Resource in Another Sphere)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Microsoft -> Windows 8.1
Microsoft -> Windows 10
Microsoft -> Windows rt 8.1
Microsoft -> Windows server 2012
Microsoft -> Windows server 2016

References:

http://www.securityfocus.com/bid/97514

http://www.securitytracker.com/id/1038240

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211

https://www.exploit-db.com/exploits/41902/

Copyright 2024, cxsecurity.com