CVSS: 4.7EPSS: 0%CPEs: 13EXPL: 1CVE-2017-0058 – Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call
https://notcve.org/view.php?id=CVE-2017-0058
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability." Existe una vulnerabilidad de divulgación de información de Win32k en Microsoft Windows cuando el componente win32k proporciona información del kernel incorrectamente. Un atacante que explotó con éxito la vulnerabilidad podría obtener información para comprometer aún más el sistema del usuario, vulnerabilidad también conocida como "Win32k Information Disclosure Vulnerability". Multiple bugs have been discovered in the implementation of the win32k! • https://www.exploit-db.com/exploits/41879 http://www.securityfocus.com/bid/97462 http://www.securitytracker.com/id/1038239 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0058 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 97%CPEs: 11EXPL: 23CVE-2017-0199 – Microsoft Office and WordPad Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0199
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1 y Windows 8.1 permiten a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office DLL Loading Vulnerability". Microsoft Excel contains a remote code execution vulnerability upon processing OLE objects. Versions 2007, 2010, 2013, and 2016 are affected on both architectures. Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. • https://www.exploit-db.com/exploits/42995 https://www.exploit-db.com/exploits/41934 https://www.exploit-db.com/exploits/41894 https://github.com/bhdresh/CVE-2017-0199 https://github.com/haibara3839/CVE-2017-0199-master https://github.com/Exploit-install/CVE-2017-0199 https://github.com/NotAwful/CVE-2017-0199-Fix https://github.com/n1shant-sinha/CVE-2017-0199 https://github.com/Sunqiz/CVE-2017-0199-reprofuction https://github.com/herbiezimmerman/2017-11-17-Maldoc-Using- •
CVSS: 4.3EPSS: 5%CPEs: 13EXPL: 0CVE-2017-0192
https://notcve.org/view.php?id=CVE-2017-0192
The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially crafted document or an untrusted website, aka "ATMFD.dll Information Disclosure Vulnerability." Adobe Type Manager Font Driver (ATMFD.dll) en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; y Windows 10 Gold, 1511, 1607 y 1703 permite a un atacante obtener información sensible a través de un documento especialmente manipulado o un sitio web no confiable, vulnerabilidad también conocida como "Vulnerabilidad de divulgación de información ATMFD.dll". • http://www.securityfocus.com/bid/97452 http://www.securitytracker.com/id/1038231 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0192 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0CVE-2017-0166
https://notcve.org/view.php?id=CVE-2017-0166
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elevation of Privilege Vulnerability." Existe una vulnerabilidad de elevación de privilegios en Windows cuando se calculan incorrectamente las longitudes del búfer de solicitud LDAP. En un escenario de ataque remoto, un atacante podría explotar esta vulnerabilidad ejecutando una aplicación especialmente manipulada para enviar tráfico malintencionado a un controlador de dominio, vulnerabilidad también conocida como "LDAP Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/97446 http://www.securitytracker.com/id/1038245 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0166 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.6EPSS: 0%CPEs: 13EXPL: 0CVE-2017-0158 – Microsoft Windows ADO Array-Type Parameter Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-0158
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability." Existe una vulnerabilidad de elevación de privilegios cuando Microsoft Windows, que se ejecuta en Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1 y Windows Server 2012 R2, no desinfecta adecuadamente los identificadores de memoria, vulnerabilidad también conocida como "Scripting Engine Memory Corruption Vulnerability". This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Microsoft ADO (ActiveX Data Objects) methods that accept an array as a parameter. By performing actions in script, an attacker can cause a pointer to be reused after it has been freed. • http://www.securityfocus.com/bid/97455 http://www.securitytracker.com/id/1038238 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158 •