CVE-2017-0158

EPSS 12.6%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 12.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

12 Apr 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

Affected products

Microsoft Corporation · Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158 http://www.securityfocus.com/bid/97455 http://www.securitytracker.com/id/1038238