Lucene search
K
MicrosoftForefront Security

7 matches found

CVE
CVE
added 2017/05/26 8:0 p.m.1006 views

CVE-2017-8540

CVE-2017-8540 affects Microsoft Malware Protection Engine (MMPE) across Forefront/Defender deployments. The weakness arises from a use-after-free in the garbage collection system managing JavaScript objects during scanning of specially crafted files, enabling memory corruption and potential remot...

9.3CVSS6.3AI score0.71961EPSS
In wild
CVE
CVE
added 2017/05/26 8:0 p.m.227 views

CVE-2017-8541

CVE-2017-8541 concerns the Microsoft Malware Protection Engine (MMPE) remote code execution vulnerability. Multiple sources confirm MMPE fails to properly scan a specially crafted file, causing memory corruption and potentially arbitrary code execution. Exploitation indicators include exploits li...

9.3CVSS6.3AI score0.50281EPSS
In wild
CVE
CVE
added 2017/05/26 8:0 p.m.209 views

CVE-2017-8538

CVE-2017-8538 concerns the Microsoft Malware Protection Engine (MMPE) used by Forefront and Defender on Windows platforms (Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, Windows 10 versions 1511–1703, Windows Server 2016, plus Microsoft Ex...

9.3CVSS6.3AI score0.50281EPSS
In wild
CVE
CVE
added 2017/05/09 6:3 a.m.166 views

CVE-2017-0290

CVE-2017-0290 affects the Microsoft Malware Protection Engine (mpengine) used by Forefront/Defender on Windows clients/servers. The flaw is a memory corruption vulnerability triggered when scanning a specially crafted file, enabling remote code execution. Affected products span Windows 7/8.1/10 a...

9.3CVSS7.6AI score0.77207EPSS
CVE
CVE
added 2017/05/26 8:0 p.m.78 views

CVE-2017-8542

CVE-2017-8542 refers to a denial-of-service vulnerability in the Microsoft Malware Protection Engine (MMPE) used by Microsoft Defender/Forefront on Windows and Exchange Server variants. The issue arises when MMPE scans a specially crafted file, potentially causing the monitoring service to stop o...

5.5CVSS5.1AI score0.06021EPSS
CVE
CVE
added 2017/05/26 8:0 p.m.72 views

CVE-2017-8539

CVE-2017-8539 concerns the Microsoft Malware Protection Engine (MMPE) running on Windows systems (various client and server SKUs) where the engine, when scanning specially crafted files, can fail to properly scan and cause a denial of service. The CVE is part of a set of related vulnerabilities (...

5.5CVSS5.1AI score0.06021EPSS
CVE
CVE
added 2007/02/13 8:0 p.m.59 views

CVE-2006-5270

The CVE-2006-5270 issue is a remote code execution vulnerability in the Microsoft Malware Protection Engine (mpengine.dll) caused by an integer overflow when parsing PDF files. Affected products include Windows Live OneCare, Microsoft Antigen (Exchange 9.x and SMTP Gateway 9.x), Windows Defender ...

9.3CVSS7.6AI score0.3008EPSS