Lucene search

PRIOn knowledge basePRION:CVE-2017-8591

HistoryAug 08, 2017 - 9:29 p.m.

Remote code execution

2017-08-0821:29:00

PRIOn knowledge base

www.prio-n.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.054 Low

EPSS

Percentile

92.9%

JSON

Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects in memory, aka “Windows IME Remote Code Execution Vulnerability”.

CPENameOperatorVersion
windows_10eq1511
windows_10eq1607
windows_10eq1703
windows_server_2012eq2.0.114

Name	Operator	Version
windows_10	eq	1511
windows_10	eq	1607
windows_10	eq	1703
windows_server_2012	eq	2.0.114

References

www.securityfocus.com/bid/99430

www.securitytracker.com/id/1039097

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8591

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.054 Low

EPSS

Percentile

92.9%

JSON

Related for PRION:CVE-2017-8591