Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-0116 — Sensitive Information Exposure in Corporation Windows Uniscribe

CWE-200 — Sensitive Information Exposure CWE-271 — Privilege Dropping / Lowering Errors8 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

9.7%

top 7.06%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Corporation Windows Uniscribe Microsoft Windows Server 2008

Timeline

PublishedMar 17

Latest updateMay 17

Description

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0121, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5microsoft_corporation/windows_uniscribeUniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1

▶NVDmicrosoft/windowsr2

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-c3h2-6978-r6v7: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive informatio↗2022-05-17

▶

CVEList

CVE-2017-0116: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive informatio↗2017-03-17

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows - Uniscribe Font Processing Multiple Heap Out-of-Bounds and Wild Reads (MS17-011)↗2017-03-20

▶

📋Vendor Advisories

Red Hat

docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc↗2020-06-23

▶

Microsoft

Windows Uniscribe Information Disclosure Vulnerability↗2017-03-14

▶

💬Community

Bugzilla

CVE-2020-14300 docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc↗2020-06-19

▶