CVE-2017-0158

high

Description

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158

http://www.securitytracker.com/id/1038238

http://www.securityfocus.com/bid/97455

Details

Source: Mitre, NVD

Published: 2017-04-12

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.19778