Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-0090
HistoryMar 17, 2017 - 12:59 a.m.

CVE-2017-0090

2017-03-1700:59:00
CWE-119
[email protected]
web.nvd.nist.gov
61
cve-2017-0090
uniscribe
microsoft
windows
remote code execution
vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.154 Low

EPSS

Percentile

95.8%

JSON

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka “Uniscribe Remote Code Execution Vulnerability.” This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, and CVE-2017-0089.

VendorProductVersionCPE
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Related

prion 8
cve 7
googleprojectzero 1
symantec 8
checkpoint_advisories 7
zdt 8
mscve 8
mskb 11
kaspersky 3
nessus 1
openvas 1
exploitpack 1
exploitdb 1
seebug 1
prion
prion
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
cve
cve
CVE-2017-0086
2017-03-17 00:59:00
CVE-2017-0084
2017-03-17 00:59:00
CVE-2017-0087
2017-03-17 00:59:00
googleprojectzero
googleprojectzero
Notes on Windows Uniscribe Fuzzing
2017-04-10 00:00:00
symantec
symantec
Microsoft Windows Uniscribe CVE-2017-0090 Remote Code Execution Vulnerability
2017-03-14 00:00:00
Microsoft Windows Uniscribe CVE-2017-0086 Remote Code Execution Vulnerability
2017-03-14 00:00:00
Microsoft Windows Uniscribe CVE-2017-0089 Remote Code Execution Vulnerability
2017-03-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0090)
2017-03-14 00:00:00
Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0086)
2017-03-14 00:00:00
Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0087)
2017-03-14 00:00:00
zdt
zdt
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around USP10!BuildFSM (MS
2017-03-20 00:00:00
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in USP10!otlCacheManager:
2017-03-20 00:00:00
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in USP10!MergeLigRecords
2017-03-20 00:00:00
mscve
mscve
Windows Uniscribe Remote Code Execution Vulnerability
2017-03-14 07:00:00
Windows Uniscribe Remote Code Execution Vulnerability
2017-03-14 07:00:00
Windows Uniscribe Remote Code Execution Vulnerability
2017-03-14 07:00:00
mskb
mskb
MS17-011: Security update for Microsoft Uniscribe: March 14, 2017
2017-03-14 00:00:00
MS17-011 and MS17-013: Description of the security update for Microsoft Graphics Component: March 14, 2017
2017-03-14 07:00:00
March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1
2017-03-14 07:00:00
kaspersky
kaspersky
KLA10978 Multiple vulnerabilities in Windows Uniscribe
2017-03-14 00:00:00
KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)
2017-03-14 00:00:00
KLA10979 Multiple vulnerabilities in Microsoft Windows
2017-03-14 00:00:00
nessus
nessus
MS17-011: Security Update for Microsoft Uniscribe (4013076)
2017-03-14 00:00:00
openvas
openvas
Microsoft Uniscribe Multiple Vulnerabilities (4013076)
2017-03-15 00:00:00
exploitpack
exploitpack
Microsoft Windows - USP10!MergeLigRecords Uniscribe Font Processing Heap Memory Corruption
2017-06-23 00:00:00
exploitdb
exploitdb
Microsoft Windows - 'USP10!MergeLigRecords' Uniscribe Font Processing Heap Memory Corruption
2017-06-23 00:00:00
seebug
seebug
Microsoft Windows Uniscribe Remote Code Execution Vulnerability(CVE-2017-0283)
2017-06-27 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.154 Low

EPSS

Percentile

95.8%

JSON
Related for CVE-2017-0090
prion8cve7googleprojectzero1symantec8checkpoint_advisories7zdt8mscve8mskb11kaspersky3nessus1openvas1exploitpack1exploitdb1seebug1