Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2017-8710
HistorySep 12, 2017 - 12:00 a.m.

CVE-2017-8710

2017-09-1200:00:00
microsoft
www.cve.org

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.1%

JSON

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input containing a reference to an external entity, aka “Windows Information Disclosure Vulnerability”.

CNA Affected

[
  {
    "product": "Microsoft Common Console Document (.msc)",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1."
      }
    ]
  }
]

Related

mscve 1
vulnerlab 2
symantec 1
checkpoint_advisories 1
openvas 2
prion 1
nvd 1
mskb 3
cve 1
kaspersky 1
nessus 2
talosblog 1
trendmicroblog 1
mscve
mscve
Windows System Information Console Information Disclosure Vulnerability
2017-09-12 07:00:00
vulnerlab
vulnerlab
Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability
2017-09-18 00:00:00
Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability
2017-09-18 00:00:00
symantec
symantec
Microsoft Windows CVE-2017-8710 Information Disclosure Vulnerability
2017-09-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows XXE Information Disclosure (CVE-2017-8710)
2017-09-17 00:00:00
openvas
openvas
Microsoft Windows Information Disclosure Vulnerability (KB4039038)
2017-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4038777)
2017-09-13 00:00:00
prion
prion
Information disclosure
2017-09-13 01:29:00
nvd
nvd
CVE-2017-8710
2017-09-13 01:29:10
mskb
mskb
Security update for the information disclosure vulnerability in Windows Server 2008: September 12, 2017
2017-09-12 07:00:00
September 12, 2017—KB4038779 (Security-only update)
2017-09-12 07:00:00
September 12, 2017—KB4038777 (Monthly Rollup)
2017-09-12 07:00:00
cve
cve
CVE-2017-8710
2017-09-13 01:29:10
kaspersky
kaspersky
KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)
2017-09-12 00:00:00
nessus
nessus
Windows 2008 September 2017 Multiple Security Updates
2017-09-12 00:00:00
Windows 7 and Windows Server 2008 R2 September 2017 Security Updates
2017-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2017
2017-09-12 15:41:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 11, 2017
2017-09-15 14:59:53

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.1%

JSON
Related for CVELIST:CVE-2017-8710
mscve1vulnerlab2symantec1checkpoint_advisories1openvas2prion1nvd1mskb3cve1kaspersky1nessus2talosblog1trendmicroblog1