cbcvebase.

Microsoft Corporation Windows Uniscribe vulnerabilities

5 known vulnerabilities affecting microsoft_corporation/windows_uniscribe.

Total CVEs
5
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2017-0072P2HIGHCVSS 8.8PoCvUniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP12017-03-17
CVE-2017-0072 [HIGH] CWE-119 CVE-2017-0072: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allo Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, C
nvd
CVE-2017-0088P2HIGHCVSS 8.8PoCvUniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2 SP1, and Windows 7 SP12017-03-17
CVE-2017-0088 [HIGH] CWE-119 CVE-2017-0088: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allo Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
nvd
CVE-2017-0085P3MEDIUMCVSS 4.3PoCvUniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP12017-03-17
CVE-2017-0085 [MEDIUM] CWE-200 CVE-2017-0085: Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allo Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0091, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115
nvd
CVE-2017-8692P3HIGHCVSS 7.5vMicrosoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 20162017-09-13
CVE-2017-8692 [HIGH] CWE-119 CVE-2017-8692: The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows R The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle objects in memory, aka "Uniscribe Remote Code Execution Vulnerability".
nvd
CVE-2017-8695P3MEDIUMCVSS 5.3vMicrosoft Windows Server 2008 SP2 and R2 SP1vWindows 7 SP1+13 more2017-09-13
CVE-2017-8695 [MEDIUM] CWE-200 CVE-2017-8695: Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windo Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live
nvd