Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows Shell validates file copy destinations, aka "Windows Shell Remote Code Execution Vulnerability".
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100783 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039331 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8699 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-09-13 01:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-8699
Mitre link : CVE-2017-8699
CVE.ORG link : CVE-2017-8699
JSON object : View
Products Affected
microsoft
- windows_server_2012
- windows_8.1
- windows_server_2016
- windows_7
- windows_server_2008
- windows_10
- windows_rt_8.1
CWE
CWE-20
Improper Input Validation