CVE-2017-0294
published 2017-06-15
CVE-2017-0294: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703…
Priority P349 · high · 7.8 CVSS 3.0
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 17.38% (96.7th percentile)
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote Code Execution Vulnerability".
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | microsoft_windows | — | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1511 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1703 | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_8.1 | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvd · v3.0 · 7.8 · HIGH · CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd · v2.0 · 9.3 · CRITICAL · AV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc · 8.0 · HIGH
GHSA
GHSA-55gr-xccq-vgw3: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8
ghsa_unreviewed·2022-05-13
CVE-2017-0294 [HIGH] GHSA-55gr-xccq-vgw3: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8
Microsoft
Windows Remote Code Execution Vulnerability
vendor_msrc·2017-06-13·CVSS 8.0
CVE-2017-0294 [HIGH] Windows Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.
To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious cabinet file disguised as a printer driver.
The update addresses the vulnerability by correcting how Windows handles cabinet files.
Microsoft Windows: Microsoft Windows
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely; Older Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4022727
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday - June 2017
blogs_talos·2017-06-13·CVSS 8.8
CVE-2017-0283 [HIGH] Microsoft Patch Tuesday - June 2017
Today, Microsoft has released its monthly set of security updates designed to address vulnerabilities. This month's release addresses 92 vulnerabilities with 17 of them rated critical and 75 rated important. Impacted products include Edge, Internet Explorer, Office, SharePoint, Skype for Business, Lync, and Windows.
### Vulnerabilities Rated Critical
#### CVE-2017-0283
This is a remote code execution vulnerability in Windows Uniscribe related to improper handling of objects in memory. The attack can result in the attacker gaining full control of the affected system. This can be exploited through multiple vectors including viewing a specially crafted website or a user opening a specially crafted document file.
#### CVE-2017-0291 / CVE-2017-0292
These are remote code execution vulnerabil
Talos
Vulnerability Spotlight: Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
blogs_talos·2017-04-28·CVSS 6.5
[MEDIUM] Vulnerability Spotlight: Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
This vulnerability was discovered by Aleksandar Nikolic of Cisco Talos.
### Overview
Talos has discovered a vulnerability in the Randombit Botan library. A programming error exists in a way Botan library implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability. A security advisory was published on the Randombit website to inform users the vulnerability is now fixed in versions 2.1.0 and 1.10.16.
TALOS-2017-0294 (CVE-2017-2801) Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
## Details
### X509 Certificate Validation Bypass Vulnerability
The vulnerability is located in the function that Bo
Bugzilla
CVE-2017-15089 infinispan: Unsafe deserialization of malicious object injected into data cache
bugzilla·2017-10-18·CVSS 8.8
CVE-2017-15089 [HIGH] CVE-2017-15089 infinispan: Unsafe deserialization of malicious object injected into data cache
A vulnerability in Infinispan was found allowing malicious users to inject malicious serialized objects into the server's data cache and potentially execute arbitrary code on another user's machine when the malicious data are fetched using the hotrod protocol.
Discussion:
Acknowledgments:
Name: Man Yue Mo (Semmle/lgtm.com)
---
Hotrod is not supported without JDG entitlement, setting JON to notaffected.
https://access.redhat.com/solutions/281643
---
This issue has been addressed in the following products:
Red Hat JBoss Data Grid
Via RHSA-2018:0294 https://access.redhat.com/errata/RHSA-2018:0294
---
This issue has been addressed in the following products:
Red Hat JBoss Enterprise Application Pl