Microsoft Windows OLE Global Buffer Overflow (CVE-2017-8487)

A global buffer overflow vulnerability exists in Microsoft Windows OLE. The vulnerability is due to improper validation of image files embedded within an OLE stream. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted web page, an email message...

CVE-2017-8487

CVE-2017-8487 affects Microsoft Windows XP and Windows Server 2003. The vulnerability is in Windows OLE, specifically olecnv32.dll, due to improper validation of input embedded in OLE streams/files. An attacker can achieve remote code execution by compelling a user to open a specially crafted fil...

CVE-2017-8487

creationtimestamp| type| source ---|---|--- 2017-06-15 09:40:24+00:00| seen| https://t.me/webamoozir/1990 2017-06-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42211 2024-08-28 18:35:46+00:00| seen| Telegram/j46biYXoEMGTzQhf66ig4ybmtSW9esngR66zeYV2L0vIjw 2025-09-17...

KLA11056 Multiple arbitrary code execution vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows XP and Microsoft Windows Server 2003. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user input in Windows OLE can be...

Rare XP Patches Fix Three Remaining Leaked NSA Exploits

The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak. The worst of the bunch, an attack called ExplodingCan CVE-2017-7269, targets older versions of...

Microsoft Security Advisory 4025685: Guidance for older platforms (XP / 2003) (EXPLODINGCAN)

The remote Windows host is missing a security update. It is, therefore, affected by one or more of the following vulnerabilities : - A remote code execution vulnerability exists in how the Remote Desktop Protocol RDP handles requests if the RDP server has Smart Card authentication enabled. An...

Windows 8 June 2017 Security Updates

The remote Windows 8 host is missing a security update. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists in Microsoft Internet Explorer due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, ...

Microsoft Windows OLE CVE-2017-8487 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...