CVE-2017-0100

🗓️ 17 Mar 2017 00:00:00Reported by microsoftType

DCOM object in Helppane.exe allows local user privileges elevation in Microsoft Window

Reporter	Title	Published	Views	Family All 26
0day.today	Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012) Exploit	16 Mar 201700:00	–	zdt
0day.today	Microsoft Windows COM Session Moniker Privilege Escalation Exploit	14 Jul 201700:00	–	zdt
Circl	CVE-2017-0100	15 Mar 201700:00	–	circl
CNVD	Microsoft Windows HelpPane Elevation of Privilege Vulnerability	16 Mar 201700:00	–	cnvd
Check Point Advisories	Microsoft Windows COM Elevation of Privilege (MS17-012: CVE-2017-0100)	14 Mar 201700:00	–	checkpoint_advisories
CVE	CVE-2017-0100	17 Mar 201700:00	–	cve
Microsoft KB	March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1	14 Mar 201707:00	–	mskb
Microsoft KB	March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2	14 Mar 201707:00	–	mskb
Microsoft KB	March 2017 Security Only Quality Update for Windows Server 2012	14 Mar 201707:00	–	mskb
Microsoft KB	March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1	14 Mar 201707:00	–	mskb

[
  {
    "product": "Windows HelpPane",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows HelpPane in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0100
securitytracker	www.securitytracker.com/id/1038001
exploit-db	www.exploit-db.com/exploits/41607/
bugs	www.bugs.chromium.org/p/project-zero/issues/detail
securityfocus	www.securityfocus.com/bid/96700
blog	www.blog.inspired-sec.com/archive/2017/03/17/COM-Moniker-Privesc.html

15 Aug 2017 09:57Current

6.3Medium risk

Vulners AI Score6.3

EPSS0.50348