CVE-2017-8541
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8540.
Affected (3)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| Up to 1.1.13704.0 | |
| All versions |
| Running on/with | Platform Versions |
|---|---|
Microsoft Exchange Server | Version 2013 |
Microsoft Windows 10 | All versions |
Microsoft Windows 7 | All versions |
Microsoft Windows 8.1 | All versions |
Microsoft Windows Rt 8.1 | All versions |
Microsoft Windows Server 2008 | All versions |
Microsoft Windows Server 2012 | All versions |
Microsoft Windows Server 2016 | All versions |
References (8)
Source: secure@microsoft.com
Source: secure@microsoft.com
Vendor Advisory
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.