CVE-2017-0290

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:microsoft:forefront_security:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_defender:-:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-05-09 06:29

Updated : 2024-02-04 19:11


NVD link : CVE-2017-0290

Mitre link : CVE-2017-0290

CVE.ORG link : CVE-2017-0290


JSON object : View

Products Affected

microsoft

  • windows_server_2012
  • windows_8.1
  • forefront_security
  • windows_7
  • windows_server_2016
  • windows_defender
  • windows_server_2008
  • malware_protection_engine
  • windows_10
  • windows_rt_8.1
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer