Lucene search
MicrosoftMS:CVE-2017-0104HistoryMar 14, 2017 - 7:00 a.m.
iSNS Server Memory Corruption Vulnerability
2017-03-1407:00:00
Microsoft
msrc.microsoft.com
15
0.008 Low
EPSS
Percentile
81.8%
A remote code execution vulnerability exists in Windows when the iSNS Server service fails to properly validate input from the client, leading to an integer overflow. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SYSTEM account.
An attacker could exploit the vulnerability by creating a specially crafted application to connect to the iSNS Server and then issue malicious requests to it.
The update addresses the vulnerability by modifying how the iSNS Server service parses requests.
Related
symantec
symantec
Microsoft Windows iSNS Server CVE-2017-0104 Memory Corruption Vulnerability
2017-03-14 00:00:00
prion
prion
Integer overflow
2017-03-17 00:59:00
mskb
mskb
MS17-012: Description of the security update for Microsoft Windows: March 14, 2017
2017-03-14 07:00:00
MS17-012: Security update for Microsoft Windows: March 14, 2017
2017-03-14 00:00:00
March 2017 Security Only Quality Update for Windows Server 2012
2017-03-14 07:00:00
cvelist
cvelist
CVE-2017-0104
2017-03-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows iSNS Server Memory Corruption (MS17-012: CVE-2017-0104)
2017-03-26 00:00:00
cve
cve
CVE-2017-0104
2017-03-17 00:59:00
nessus
nessus
MS17-012: Security Update for Microsoft Windows (4013078)
2017-03-15 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (4013078)
2017-03-15 00:00:00
kaspersky
kaspersky
KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)
2017-03-14 00:00:00
KLA10979 Multiple vulnerabilities in Microsoft Windows
2017-03-14 00:00:00