CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2017-0101 – Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-0101
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." Los controladores del modo kernel en Transaction Manager en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1; Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Elevation of Privilege Vulnerability". A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. • https://www.exploit-db.com/exploits/44479 http://www.securityfocus.com/bid/96625 http://www.securitytracker.com/id/1038013 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 50%CPEs: 16EXPL: 0CVE-2017-0149 – Microsoft Internet Explorer Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2017-0149
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Memory Corruption Vulnerability". Esta vulnerabilidad es diferente a la descrita en CVE-2017-0018 y CVE-2017-0037. Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service (DoS) via a crafted website. • http://www.securityfocus.com/bid/96724 http://www.securitytracker.com/id/1038008 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0149 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 96%CPEs: 13EXPL: 6CVE-2017-0146 – Microsoft Windows SMB Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0146
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148. El servidor SMBv1 en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; y Windows 10 Gold, 1511 y 1607; y Windows Server 2016 permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados, vulnerabilidad también conocida como Windows SMB Remote Code Execution Vulnerability". Esta vulnerabilidad es diferente de la descrita en CVE-2017-0143, CVE-2017-0144, CVE-2017-0145 y CVE-2017-0148. The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution. • https://www.exploit-db.com/exploits/41891 https://www.exploit-db.com/exploits/47456 https://www.exploit-db.com/exploits/43970 https://www.exploit-db.com/exploits/41987 http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html http://www.securityfocus.com/bid/96707 http://www.securitytracker.com/id/1037991 https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf https: • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1CVE-2017-0055 – Microsoft Internet Information Services Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-0055
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft IIS Server XSS Elevation of Privilege Vulnerability." Microsoft Internet Information Server (IIS) en Windows Vista SP2; Windows Server 2008 SP2 y R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a atacantes remotos realizar XSS y ejecutar secuencias de comandos con privilegios de usuario local a través de una petición manipulada, vulnerabilidad también conocida como "Microsoft IIS Server XSS Elevation of Privilege Vulnerability". Microsoft Internet Information Services web server suffers from a cross site scripting vulnerability. • https://github.com/NetJBS/CVE-2017-0055-PoC http://www.securityfocus.com/bid/96622 http://www.securitytracker.com/id/1038012 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0055 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2017-0100 – Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012)
https://notcve.org/view.php?id=CVE-2017-0100
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability." Un objeto DCOM en Helppane.exe en Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows HelpPane Elevation of Privilege Vulnerability". Microsoft Windows suffers from a COM session moniker elevation of privilege vulnerability. • https://www.exploit-db.com/exploits/41607 https://github.com/cssxn/CVE-2017-0100 http://blog.inspired-sec.com/archive/2017/03/17/COM-Moniker-Privesc.html http://www.securityfocus.com/bid/96700 http://www.securitytracker.com/id/1038001 https://bugs.chromium.org/p/project-zero/issues/detail?id=1021 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0100 • CWE-287: Improper Authentication •