CVE-2017-11819

Опубликовано: 13 окт. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 7.6

EPSS Средний

Описание

Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".

Ссылки

http://www.securityfocus.com/bid/101121
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039537
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101121
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039537
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.25959

Средний

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-11819

CVSS3: 7.5

msrc

больше 7 лет назад

Windows Shell Remote Code Execution Vulnerability

GHSA-xpxc-7j8q-3794

CVSS3: 7.5

github

около 3 лет назад

EPSS

Процентиль: 96%

0.25959

Средний

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-119