CVE-2017-0167

Опубликовано: 12 апр. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Средний

Описание

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system, a.k.a. "Windows Kernel Information Disclosure Vulnerability."

Ссылки

http://www.securityfocus.com/bid/97473
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038239
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0167
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/41880/
http://www.securityfocus.com/bid/97473
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038239
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0167
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/41880/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10188

Средний

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-0167

CVSS3: 7.3

msrc

около 8 лет назад

Windows Kernel Information Disclosure Vulnerability

GHSA-2h9f-vrvc-wfwh