CVE-2017-0042

Опубликовано: 17 мар. 2017

Источник: nvd

CVSS3: 3.1

CVSS2: 2.6

EPSS Средний

Описание

Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "Windows Media Player Information Disclosure Vulnerability."

Ссылки

http://pastebin.com/raw/Eztknq4s
http://www.securityfocus.com/bid/96098
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038016
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0042
Patch
Vendor Advisory
https://twitter.com/Qab/status/842506404950917120
http://pastebin.com/raw/Eztknq4s
http://www.securityfocus.com/bid/96098
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038016
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0042
Patch
Vendor Advisory
https://twitter.com/Qab/status/842506404950917120

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19033

Средний

3.1 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-0042

CVSS3: 3.7

msrc

больше 8 лет назад

Windows DirectShow Information Disclosure Vulnerability

GHSA-5ggj-cw9v-2523