PT-2017-1631 · Microsoft · Windows Vista Sp2+2

Published

2017-03-14

Updated

2019-10-03

CVE-2017-0039

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2

Description The issue is related to insufficient access restrictions in the dynamic link library loading of the Windows operating system. It may allow a remote attacker to execute arbitrary code and gain privileges using a specially crafted application.

Recommendations For Microsoft Windows Vista SP2 and Server 2008 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2017-00784

CVE-2017-0039

Affected Products

Windows

Windows Server 2008 R2

Windows Vista Sp2

PT-2017-1631 · Microsoft · Windows Vista Sp2+2

CVE-2017-0039

Weakness Enumeration

Related Identifiers

Affected Products

References · 7