ID CVE-2017-0160
Summary Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 97447
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0160
exploit-db 41903
sectrack 1038236
Last major update 03-10-2019 - 00:03
Published 12-04-2017 - 14:59
Last modified 03-10-2019 - 00:03
Back to Top