CVE-2017-0022

🗓️ 17 Mar 2017 00:00:00Reported by microsoftType

Microsoft XML Core Services vulnerability in various Windows versions allows file testing via crafted website

Reporter	Title	Published	Views	Family All 31
ATTACKERKB	CVE-2017-0022	17 Mar 201700:00	–	attackerkb
Circl	CVE-2017-0022	28 Mar 201707:37	–	circl
CISA KEV Catalog	Microsoft XML Core Services Information Disclosure Vulnerability	24 May 202200:00	–	cisa_kev
CNVD	Microsoft XML Core Services Information Disclosure Vulnerability (CNVD-2017-03862)	15 Mar 201700:00	–	cnvd
Check Point Advisories	Microsoft XML Core Services Information Disclosure (MS17-022: CVE-2017-0022)	14 Mar 201700:00	–	checkpoint_advisories
Cvelist	CVE-2017-0022	17 Mar 201700:00	–	cvelist
Microsoft KB	Security update 2017-03-14	14 Mar 201707:00	–	mskb
Microsoft KB	MS17-022: Security update for Microsoft XML Core Services: March 14, 2017	14 Mar 201700:00	–	mskb
Microsoft KB	March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1	14 Mar 201707:00	–	mskb
Microsoft KB	March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2	14 Mar 201707:00	–	mskb

NVD

Node

microsoft xml_core_servicesMatch3.0

AND

microsoft windows_10_1507Match-x64

microsoft windows_10_1507Match-x86

microsoft windows_10_1511Match-x64

microsoft windows_10_1511Match-x86

microsoft windows_10_1607Match-x64

microsoft windows_10_1607Match-x86

microsoft windows_7Match-sp1

microsoft windows_8.1Match-

microsoft windows_rt_8.1Match-

microsoft windows_server_2008Match-sp2

microsoft windows_server_2008Matchr2sp1x64

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

microsoft windows_server_2016Match-

microsoft windows_vistaMatch-sp2

Node

microsoft windows_8.1Match-

microsoft windows_server_2008Matchr2sp1x64

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

[
  {
    "product": "XML Core Services",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/96069
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0022
securitytracker	www.securitytracker.com/id/1038014
0patch	www.0patch.blogspot.com/2017/09/exploit-kit-rendezvous-and-cve-2017-0022.html
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

22 Apr 2026 13:49Current

4.3Medium risk

Vulners AI Score4.3

CVSS 24.3

CVSS 3.16.5

EPSS0.3669

SSVC