Microsoft Windows Server 2008 vulnerabilities

CVE-2017-0279 [HIGH] CVE-2017-0279: The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution

CVE-2017-0077 [HIGH] CVE-2017-0077: The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows S The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain information, or in Windows 7 and later, cause denial of service, aka "Win3

CVE-2017-0263 [HIGH] CWE-416 CVE-2017-0263: The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

CVE-2017-0275 [MEDIUM] CVE-2017-0275: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vul

CVE-2017-0171 [MEDIUM] CWE-20 CVE-2017-0171: Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 a Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".

CVE-2017-0273 [MEDIUM] CVE-2017-0273: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends speci The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280.

CVE-2017-0269 [MEDIUM] CWE-20 CVE-2017-0269: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends speci The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.

CVE-2017-0271 [MEDIUM] CVE-2017-0271: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vul

CVE-2017-0267 [MEDIUM] CWE-200 CVE-2017-0267: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclo

CVE-2017-0270 [MEDIUM] CVE-2017-0270: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vul

CVE-2017-0242 [MEDIUM] CWE-200 CVE-2017-0242: An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."

CVE-2017-0258 [MEDIUM] CVE-2017-0258: The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Wind The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a

CVE-2017-0244 [MEDIUM] CVE-2017-0244: The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated att The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privilege Vulnerability."

CVE-2017-0175 [MEDIUM] CWE-200 CVE-2017-0175: The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated att The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CVE-2017-0259.

CVE-2017-0220 [MEDIUM] CVE-2017-0220: The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gol The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0258, and CVE-2017-0259.

CVE-2017-0190 [MEDIUM] CWE-200 CVE-2017-0190: The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windo The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."

CVE-2017-0274 [MEDIUM] CVE-2017-0274: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vul

CVE-2017-0276 [MEDIUM] CVE-2017-0276: Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vul

CVE-2017-0245 [MEDIUM] CWE-200 CVE-2017-0245: The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

CVE-2017-0280 [MEDIUM] CVE-2017-0280: The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends speci The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0273.