cvelistv5 - cve-2017-5717

CVE-2017-5717 (GCVE-0-2017-5717)

Vulnerability from cvelistv5

Published

2017-12-12 20:00

Modified

2024-09-16 20:58

Severity ?

CWE

Elevation of Privilege

Summary

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

References

URL

	Vendor	Product	Version
	Intel Corporation	Intel Graphics Driver	Version: 15.49/15.47/15.46/15.45/15.40/15.36/15.33

cnvd-2018-00668

Vulnerability from cnvd

Title

Intel Graphics Driver Content Protection HECI Service本地权限提升漏洞

Description

Intel Graphics Driver是美国英特尔（Intel）公司开发的一款集成显卡驱动程序。Content Protection HECI Service是其中的一个内容保护服务。 Intel Graphics Driver中的Content Protection HECI Service存在本地权限提升漏洞。攻击者可借助本地访问权限利用该漏洞提升权限。

Severity

中

Patch Name

Intel Graphics Driver Content Protection HECI Service本地权限提升漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr

Reference

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr https://www.exploit-db.com/exploits/43373/

Impacted products

Name
Intel Graphics Driver

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5717"
    }
  },
  "description": "Intel Graphics Driver\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u96c6\u6210\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002Content Protection HECI Service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u5bb9\u4fdd\u62a4\u670d\u52a1\u3002\r\n\r\nIntel Graphics Driver\u4e2d\u7684Content Protection HECI Service\u5b58\u5728\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u672c\u5730\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "discovererName": "Google Security Research",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-00668",
  "openTime": "2018-01-10",
  "patchDescription": "Intel Graphics Driver\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u96c6\u6210\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002Content Protection HECI Service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u5bb9\u4fdd\u62a4\u670d\u52a1\u3002\r\n\r\nIntel Graphics Driver\u4e2d\u7684Content Protection HECI Service\u5b58\u5728\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u672c\u5730\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Graphics Driver Content Protection HECI Service\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Graphics Driver"
  },
  "referenceLink": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr\r\nhttps://www.exploit-db.com/exploits/43373/",
  "serverity": "\u4e2d",
  "submitTime": "2017-12-14",
  "title": "Intel Graphics Driver Content Protection HECI Service\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

fkie_cve-2017-5717

Vulnerability from fkie_nvd

Published

2017-12-12 20:29

Modified

2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

References

URL	Tags
secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr	Vendor Advisory
secure@intel.com	https://www.exploit-db.com/exploits/43373/
af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/43373/

Impacted products

Vendor	Product	Version
intel	graphics_driver	15.33
intel	graphics_driver	15.36
intel	graphics_driver	15.40
intel	graphics_driver	15.45
intel	graphics_driver	15.46
intel	graphics_driver	15.47
intel	graphics_driver	15.49

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E953C915-AE8C-41FC-910A-E7E753BE80AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "6587FA95-482E-460A-8528-9A14F6D011C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF36FB24-B964-4BDE-A86C-28FBEE7DA539",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AF58D2-4CE6-46CC-AFF9-4CD28C38E8D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "21D47F52-E22F-4879-8FF0-9BD223911948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D3A073-86D2-4876-97FE-58BECF6F6D4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F56E35-3B47-4133-91A5-9EFC90181B58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access."
    },
    {
      "lang": "es",
      "value": "Confusi\u00f3n de tipos en Content Protection HECI Service en Intel Graphics Driver permite que usuarios sin privilegios eleven privilegios mediante acceso local."
    }
  ],
  "id": "CVE-2017-5717",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-12T20:29:00.287",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.exploit-db.com/exploits/43373/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/43373/"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-704"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2023-0821

Vulnerability from csaf_certbund

Published

2017-12-12 23:00

Modified

2023-04-02 22:00

Summary

Intel Graphic Driver: Schwachstelle ermöglicht Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Intel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Geräten ermöglichst.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Intel Graphic Driver ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Ger\u00e4ten erm\u00f6glichst.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Intel Graphic Driver ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0821 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2023-0821.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0821 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0821"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2023-013 vom 2023-04-01",
        "url": "https://www.dell.com/support/kbdoc/de-de/000207439/dsa-2023-013-dell-client-security-update-for-a-bios-vulnerability"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-00095 vom 2017-12-12",
        "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-15570 vom 2018-07-27",
        "url": "https://support.lenovo.com/de/de/solutions/len-15570"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Graphic Driver: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2023-04-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:47:43.844+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0821",
      "initial_release_date": "2017-12-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2017-12-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2017-12-12T23:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-07-29T22:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2018-07-29T22:00:00.000+00:00",
          "number": "4",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2023-04-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell BIOS",
            "product": {
              "name": "Dell BIOS",
              "product_id": "T016637",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:bios:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.60.0.4849",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.60.0.4849",
                  "product_id": "T011410",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.60.0.4849"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.45.21.4821",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.45.21.4821",
                  "product_id": "T011411",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.45.21.4821"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.40.37.4835",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.40.37.4835",
                  "product_id": "T011412",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.40.37.4835"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c= 15.36.x.4880",
                "product": {
                  "name": "Intel Graphics Driver \u003c= 15.36.x.4880",
                  "product_id": "T011413",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.36.x.4880"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c= 10.18.x.4880",
                "product": {
                  "name": "Intel Graphics Driver \u003c= 10.18.x.4880",
                  "product_id": "T011414",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:10.18.x.4880"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Graphics Driver"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T006520",
              "product_identification_helper": {
                "cpe": "cpe:/o:lenovo:lenovo_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5717",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Intel Graphic Driver. Ein angemeldeter, lokaler Angreifer kann eine \"Type Confusion\" Schwachstelle nutzen, um seine Privilegien zu erh\u00f6hen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T016637"
        ],
        "last_affected": [
          "T011414",
          "T011413"
        ]
      },
      "release_date": "2017-12-12T23:00:00.000+00:00",
      "title": "CVE-2017-5717"
    }
  ]
}

wid-sec-w-2023-0821

Vulnerability from csaf_certbund

Published

2017-12-12 23:00

Modified

2023-04-02 22:00

Summary

Intel Graphic Driver: Schwachstelle ermöglicht Privilegieneskalation

Notes

Produktbeschreibung

Intel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Geräten ermöglichst.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Intel Graphic Driver ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Ger\u00e4ten erm\u00f6glichst.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Intel Graphic Driver ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0821 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2023-0821.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0821 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0821"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2023-013 vom 2023-04-01",
        "url": "https://www.dell.com/support/kbdoc/de-de/000207439/dsa-2023-013-dell-client-security-update-for-a-bios-vulnerability"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-00095 vom 2017-12-12",
        "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-15570 vom 2018-07-27",
        "url": "https://support.lenovo.com/de/de/solutions/len-15570"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Graphic Driver: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2023-04-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:47:43.844+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0821",
      "initial_release_date": "2017-12-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2017-12-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2017-12-12T23:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-07-29T22:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2018-07-29T22:00:00.000+00:00",
          "number": "4",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2023-04-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell BIOS",
            "product": {
              "name": "Dell BIOS",
              "product_id": "T016637",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:bios:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.60.0.4849",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.60.0.4849",
                  "product_id": "T011410",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.60.0.4849"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.45.21.4821",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.45.21.4821",
                  "product_id": "T011411",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.45.21.4821"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c 15.40.37.4835",
                "product": {
                  "name": "Intel Graphics Driver \u003c 15.40.37.4835",
                  "product_id": "T011412",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.40.37.4835"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c= 15.36.x.4880",
                "product": {
                  "name": "Intel Graphics Driver \u003c= 15.36.x.4880",
                  "product_id": "T011413",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:15.36.x.4880"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Graphics Driver \u003c= 10.18.x.4880",
                "product": {
                  "name": "Intel Graphics Driver \u003c= 10.18.x.4880",
                  "product_id": "T011414",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:intel:graphic_driver:10.18.x.4880"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Graphics Driver"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T006520",
              "product_identification_helper": {
                "cpe": "cpe:/o:lenovo:lenovo_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5717",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Intel Graphic Driver. Ein angemeldeter, lokaler Angreifer kann eine \"Type Confusion\" Schwachstelle nutzen, um seine Privilegien zu erh\u00f6hen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T016637"
        ],
        "last_affected": [
          "T011414",
          "T011413"
        ]
      },
      "release_date": "2017-12-12T23:00:00.000+00:00",
      "title": "CVE-2017-5717"
    }
  ]
}

gsd-2017-5717

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

Aliases

CVE-2017-5717

Aliases

CVE-2017-5717

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5717",
    "description": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.",
    "id": "GSD-2017-5717",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2017-5717"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5717"
      ],
      "details": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.",
      "id": "GSD-2017-5717",
      "modified": "2023-12-13T01:21:13.175652Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2017-12-12T00:00:00",
        "ID": "CVE-2017-5717",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel Graphics Driver",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "15.49/15.47/15.46/15.45/15.40/15.36/15.33"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Elevation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "43373",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/43373/"
          },
          {
            "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr",
            "refsource": "CONFIRM",
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.46:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.49:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5717"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-704"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
            },
            {
              "name": "43373",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/43373/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-12-27T17:08Z",
      "publishedDate": "2017-12-12T20:29Z"
    }
  }
}

var-201712-0416

Vulnerability from variot

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Intel is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary code with elevated privileges. Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation. Content Protection HECI Service is one of the content protection services. The following versions are affected: Intel Graphics Driver version 15.49, version 15.47, version 15.46, version 15.45, version 15.40, version 15.36, version 15.33

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0416",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.49"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.47"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.46"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.45"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.40"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.36"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "intel",
        "version": "15.33"
      },
      {
        "model": "graphics driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:intel:graphics_driver",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "James Forshaw of Google??s Project Zero.",
    "sources": [
      {
        "db": "BID",
        "id": "102221"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5717",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-5717",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-113920",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2017-5717",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5717",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5717",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201712-405",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113920",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Intel is prone to a local privilege-escalation vulnerability. \nLocal attackers may exploit this issue to execute arbitrary code with elevated privileges. Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation. Content Protection HECI Service is one of the content protection services. The following versions are affected: Intel Graphics Driver version 15.49, version 15.47, version 15.46, version 15.45, version 15.40, version 15.36, version 15.33",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-113920",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5717",
        "trust": 2.8
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43373",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "102221",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "145488",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-113920",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "id": "VAR-201712-0416",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:22:20.559000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00095",
        "trust": 0.8,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
      },
      {
        "title": "Intel Graphics Driver Content Protection HECI Service Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77115"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-704",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00095\u0026languageid=en-fr"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/43373/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5717"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5717"
      },
      {
        "trust": 0.3,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.3,
        "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1358\u0026can=1\u0026q=\u0026sort=-modified%20-id\u0026colspec=id%20status%20owner%20summary%20modified%20cve"
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00095\u0026amp;languageid=en-fr"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "date": "2017-12-12T00:00:00",
        "db": "BID",
        "id": "102221"
      },
      {
        "date": "2018-01-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "date": "2017-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "date": "2017-12-12T20:29:00.287000",
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113920"
      },
      {
        "date": "2017-12-12T00:00:00",
        "db": "BID",
        "id": "102221"
      },
      {
        "date": "2018-01-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      },
      {
        "date": "2017-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      },
      {
        "date": "2024-11-21T03:28:17.597000",
        "db": "NVD",
        "id": "CVE-2017-5717"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "102221"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Vulnerability related to illegal type conversion in graphics driver",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011321"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-405"
      }
    ],
    "trust": 0.6
  }
}

ghsa-p7rr-mjwc-j7xm

Vulnerability from github

Published

2022-05-14 04:03

Modified

2025-04-20 03:49

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5717"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-12T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.",
  "id": "GHSA-p7rr-mjwc-j7xm",
  "modified": "2025-04-20T03:49:49Z",
  "published": "2022-05-14T04:03:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5717"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/43373"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-5717 (GCVE-0-2017-5717)

Vulnerability from cvelistv5

cnvd-2018-00668

Vulnerability from cnvd

fkie_cve-2017-5717

Vulnerability from fkie_nvd

WID-SEC-W-2023-0821

Vulnerability from csaf_certbund

wid-sec-w-2023-0821

Vulnerability from csaf_certbund

gsd-2017-5717

Vulnerability from gsd

var-201712-0416

Vulnerability from variot

ghsa-p7rr-mjwc-j7xm

Vulnerability from github

Tags

Sightings

Nomenclature