CVE-2017-8487
Summary
| CVE | CVE-2017-8487 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-06-15 20:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability." |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows Server 2003 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2003 | - | All | All | All |
| Operating System | Microsoft | Windows Xp | - | All | All | All |
| Operating System | Microsoft | Windows Xp | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Windows - 'IOCTL 0x390400, operation code 0x00020000' Kernel KsecDD Pool Memory Disclosure - Windows dos Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| Description of the security update for Windows XP and Windows Server 2003: June 13, 2017 | CONFIRM | support.microsoft.com | Patch, Vendor Advisory |
| Microsoft Windows OLE CVE-2017-8487 Remote Code Execution Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Microsoft Windows OLE 'olecnv32.dll' File Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.