CVE-2017-0158

high

Description

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

References

http://www.securityfocus.com/bid/97455

http://www.securitytracker.com/id/1038238

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158

Details

Source: MITRE

Published: 2017-04-12

Updated: 2019-10-03

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.6

Severity: HIGH