CVSS: 8.8EPSS: 2%CPEs: 13EXPL: 0CVE-2017-0210 – Microsoft Internet Explorer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-0210
An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability." Existe una vulnerabilidad de elevación de privilegios cuando Internet Explorer no aplica adecuadamente las directivas entre dominios, lo que podría permitir a un atacante acceder a información de un dominio e inyectarla en otro dominio, vulnerabilidad también conocido como "Internet Explorer Elevation of Privilege Vulnerability". A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information. • http://www.securityfocus.com/bid/97512 http://www.securitytracker.com/id/1038238 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2017-0005 – Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-0005
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047. La Graphics Device Interface (GDI) en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows GDI Elevation of Privilege Vulnerability". Esta vulnerabilidad es distinta de aquellas descritas en CVE-2017-0001, CVE-2017-0025 y CVE-2017-0047. The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application. • http://www.securityfocus.com/bid/96033 http://www.securitytracker.com/id/1038002 https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0005 •
CVSS: 9.3EPSS: 96%CPEs: 36EXPL: 11CVE-2017-0144 – Microsoft SMBv1 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. El servidor SMBv1 en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; y Windows 10 Gold, 1511 y 1607; y Windows Server 2016 permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados, vulnerabilidad también conocida como "Windows SMB Remote Code Execution Vulnerability". Esta vulnerabilidad es diferente a la descrita en CVE-2017-0143, CVE-2017-0145, CVE-2017-0146 y CVE-2017-0148. The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets. • https://www.exploit-db.com/exploits/41891 https://www.exploit-db.com/exploits/47456 https://www.exploit-db.com/exploits/42031 https://www.exploit-db.com/exploits/42315 https://www.exploit-db.com/exploits/41987 https://www.exploit-db.com/exploits/42030 https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144 https://github.com/quynhold/Detect-CVE-2017-0144-attack http://packetstorm •
CVSS: 7.5EPSS: 92%CPEs: 35EXPL: 7CVE-2017-0147 – Microsoft Windows SMBv1 Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-0147
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability." El servidor SMBv1 en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; y Windows 10 Gold, 1511 y 1607; y Windows Server 2016 permite a atacantes remotos obtener información sensible de la memoria del proceso a través de paquetes manipulados, vulnerabilidad también conocida como "Windows SMB Information Disclosure Vulnerability". The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet. • https://www.exploit-db.com/exploits/41891 https://www.exploit-db.com/exploits/47456 https://www.exploit-db.com/exploits/43970 https://www.exploit-db.com/exploits/41987 https://github.com/RobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html http://www.securityfocus.com/bid/96709 http://www.securitytracker.com/id/1037991 http •
CVSS: 8.8EPSS: 50%CPEs: 16EXPL: 0CVE-2017-0149 – Microsoft Internet Explorer Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2017-0149
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Memory Corruption Vulnerability". Esta vulnerabilidad es diferente a la descrita en CVE-2017-0018 y CVE-2017-0037. Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service (DoS) via a crafted website. • http://www.securityfocus.com/bid/96724 http://www.securitytracker.com/id/1038008 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0149 • CWE-787: Out-of-bounds Write •