Sleepya

#7755of 53,624
35.4Total CVSS
Vulnerabilities · 4
High
4
PT-2017-1936
7.5
2017-03-14
Microsoft · Windows Server 2016 · CVE-2017-0147
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions Vista SP2, Server 2008 SP2 and R2 SP1, 7 SP1, 8.1, Server 2012 Gold and R2, RT 8.1, 10 Gold, 1511, 1607, and Server 2016 **Description** The issue allows remote attackers to obtain sensitive information from process memory via crafted packets. This can potentially affect a large number of devices worldwide. **Recommendations** For Microsoft Windows versions Vista SP2, Server 2008 SP2 and R2 SP1, 7 SP1, 8.1, Server 2012 Gold and R2, RT 8.1, 10 Gold, 1511, 1607, and Server 2016, consider disabling the SMBv1 server as a temporary workaround until a patch is available. Restrict access to the SMBv1 server to minimize the risk of exploitation.
PT-2017-1937
9.3
2017-03-14
Microsoft · Windows · CVE-2017-0146
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue exists due to insufficient input validation in the SMBv1 protocol of Microsoft Windows. It allows a remote attacker to execute arbitrary code using specially crafted packets. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2017-1939
9.3
2017-03-14
Microsoft · Windows · CVE-2017-0144
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue exists due to insufficient input validation in the SMBv1 protocol of the Microsoft Windows operating system. It allows a remote attacker to execute arbitrary code using specially crafted packets. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2017-1940
9.3
2017-03-14
Microsoft · Windows · CVE-2017-0143
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Server Message Block (SMBv1) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary code and affect the system. This is due to insufficient input validation in the SMBv1 protocol of the Microsoft Windows operating system. Exploitation of the issue may allow a remote attacker to execute arbitrary code using specially crafted packets. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.