Vulnerability Description
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 | All versions |
| Microsoft | Windows 7 | All versions |
| Microsoft | Windows 8.1 | All versions |
| Microsoft | Windows Rt 8.1 | All versions |
| Microsoft | Windows Server 2008 | All versions |
| Microsoft | Windows Server 2012 | All versions |
| Microsoft | Windows Server 2016 | All versions |
| Microsoft | Windows Vista | All versions |
References
- http://www.securityfocus.com/bid/97455Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038238
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158PatchVendor Advisory
- http://www.securityfocus.com/bid/97455Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038238
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158PatchVendor Advisory
FAQ
What is CVE-2017-0158?
CVE-2017-0158 is a vulnerability with a CVSS score of 7.5 (HIGH). An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles ...
How severe is CVE-2017-0158?
CVE-2017-0158 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-0158?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows Rt 8.1, Microsoft Windows Server 2008.