var-201712-0147
Vulnerability from variot
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. Automatic DNS registration and autodiscovery functionality provides an opportunity for the misconfiguration of networks, resulting in a loss of confidentiality and integrity of the network if an attacker on the network adds a specially configured proxy device. Router DNS The dynamic registration / update function is enabled and the client PC In the network where the auto-detection function is enabled in "wpad" If a device with the host name is added to the network, the contents of the communication may be obtained or altered. Used in home and office (Google WiFi And Ubiquiti UniFi General including etc. ) In routers, often DNS Dynamic registration / update function is used. DNS Dynamic registration / update function DHCP Use the host name sent from the client side in the request as it is A Records are automatically registered / updated. An attacker with access to the network "wpad" And "isatap" A device with a host name of DNS By registering with, you may attract access to the device and attack it. Also, the discoverer mDNS Clients in the network without using a router PC In "wpad" And "isatap" It is confirmed that it can be accessed in combination with the automatic detection function. WPAD About proxy auto-configuration by so-called Nora DHCP Server or higher DNS On the server Has been considered a problem But, LAN/WLAN There was no mention of the internal auto-configuration function. This problem, Arctic Security Company Ossi Salmi , Mika Seppanen , Marko Laakso , Kasper Kyllonen Discovered and verified by NCSC-FI Made adjustments.In an internal network, an attacker "wpad" If a device with the host name is added to the network, the device can be used as an attack proxy, and as a result, the contents of the communication may be obtained or altered. Vendors have scripted this vulnerability It has been released as “Engine Memory Corruption Vulnerability”. This vulnerability CVE-2017-11886 , CVE-2017-11889 , CVE-2017-11890 , CVE-2017-11893 , CVE-2017-11894 , CVE-2017-11895 , CVE-2017-11901 , CVE-2017-11903 , CVE-2017-11905 , CVE-2017-11908 , CVE-2017-11909 , CVE-2017-11910 , CVE-2017-11911 , CVE-2017-11912 , CVE-2017-11913 , CVE-2017-11914 , CVE-2017-11916 , CVE-2017-11918 , Oh CVE-2017-11930 Is a different vulnerability.An attacker could gain the same user rights as the current user. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are vulnerable
Show details on source website{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0147",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "internet explorer",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "microsoft",
        "version": "9"
      },
      {
        "model": "internet explorer",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "microsoft",
        "version": "11"
      },
      {
        "model": "internet explorer",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "microsoft",
        "version": "10"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "adtran",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "mikrotik",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "pi hole",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tippingpoint",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ubiquiti",
        "version": null
      },
      {
        "model": "",
        "scope": null,
        "trust": 0.8,
        "vendor": "multiple vendors",
        "version": null
      },
      {
        "model": "wpad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wpad",
        "version": "0"
      },
      {
        "model": "skynas",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "0"
      },
      {
        "model": "router manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "1.1"
      },
      {
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "6.2"
      },
      {
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "6.1"
      },
      {
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "5.2"
      },
      {
        "model": "total access 900/900e series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "0"
      },
      {
        "model": "sdx 810-rg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "0"
      },
      {
        "model": "netvanta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "60000"
      },
      {
        "model": "netvanta series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "6000"
      },
      {
        "model": "netvanta series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "5000"
      },
      {
        "model": "netvanta series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "4000"
      },
      {
        "model": "netvanta series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "3000"
      },
      {
        "model": "netvanta series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "10000"
      },
      {
        "model": "aos r13.2.2",
        "scope": null,
        "trust": 0.3,
        "vendor": "adtran",
        "version": null
      },
      {
        "model": "434rg ont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "0"
      },
      {
        "model": "424rg ont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "0"
      },
      {
        "model": "414rg ont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adtran",
        "version": "0"
      },
      {
        "model": "router manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "synology",
        "version": "1.1.7-6941-2"
      },
      {
        "model": "dsm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "synology",
        "version": "6.2.1-23824"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ossi Salmi, Mika Seppanen, Marko Laakso and Kasper Kyllonen of Arctic Security",
    "sources": [
      {
        "db": "BID",
        "id": "105298"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-11907",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CVE-2017-11907",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 1.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-11907",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 1.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-11907",
            "trust": 1.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201712-389",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-11907",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. Automatic DNS registration and autodiscovery functionality provides an opportunity for the misconfiguration of networks, resulting in a loss of confidentiality and integrity of the network if an attacker on the network adds a specially configured proxy device. Router DNS The dynamic registration / update function is enabled and the client PC In the network where the auto-detection function is enabled in \"wpad\" If a device with the host name is added to the network, the contents of the communication may be obtained or altered. Used in home and office (Google WiFi And Ubiquiti UniFi General including etc. ) In routers, often DNS Dynamic registration / update function is used. DNS Dynamic registration / update function DHCP Use the host name sent from the client side in the request as it is A Records are automatically registered / updated. An attacker with access to the network \"wpad\" And \"isatap\" A device with a host name of DNS By registering with, you may attract access to the device and attack it. Also, the discoverer mDNS Clients in the network without using a router PC In \"wpad\" And \"isatap\" It is confirmed that it can be accessed in combination with the automatic detection function. WPAD About proxy auto-configuration by so-called Nora DHCP Server or higher DNS On the server \u003ca href=\"https://googleprojectzero.blogspot.fi/2017/12/apacolypse-now-exploiting-windows-10-in_18.html\"target=\"blank\"\u003e Has been considered a problem \u003c/a\u003e But, LAN/WLAN There was no mention of the internal auto-configuration function. This problem, Arctic Security Company Ossi Salmi , Mika Seppanen , Marko Laakso , Kasper Kyllonen Discovered and verified by NCSC-FI Made adjustments.In an internal network, an attacker \"wpad\" If a device with the host name is added to the network, the device can be used as an attack proxy, and as a result, the contents of the communication may be obtained or altered. Vendors have scripted this vulnerability It has been released as \u201cEngine Memory Corruption Vulnerability\u201d. This vulnerability CVE-2017-11886 , CVE-2017-11889 , CVE-2017-11890 , CVE-2017-11893 , CVE-2017-11894 , CVE-2017-11895 , CVE-2017-11901 , CVE-2017-11903 , CVE-2017-11905 , CVE-2017-11908 , CVE-2017-11909 , CVE-2017-11910 , CVE-2017-11911 , CVE-2017-11912 , CVE-2017-11913 , CVE-2017-11914 , CVE-2017-11916 , CVE-2017-11918 , Oh CVE-2017-11930 Is a different vulnerability.An attacker could gain the same user rights as the current user. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. \nInternet Explorer 9, 10 and 11 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      },
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      }
    ],
    "trust": 3.69
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43370",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-11907",
        "trust": 2.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#598349",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "102045",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1039991",
        "trust": 1.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43370",
        "trust": 1.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43367",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU99302544",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "105298",
        "trust": 0.3
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-11907",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "id": "VAR-201712-0147",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.1625
  },
  "last_update_date": "2022-05-06T12:59:16.669000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CVE-2017-11907 | Scripting Engine Memory Corruption Vulnerability",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-11907"
      },
      {
        "title": "CVE-2017-11907 | \u30b9\u30af\u30ea\u30d7\u30c8 \u30a8\u30f3\u30b8\u30f3\u306e\u30e1\u30e2\u30ea\u7834\u640d\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2017-11907"
      },
      {
        "title": "Microsoft Windows Internet Explorer scripting Repair measures for engine security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77099"
      },
      {
        "title": "CVE-2017-11907",
        "trust": 0.1,
        "url": "https://github.com/re4lity/cve-2017-11907 "
      },
      {
        "title": "domato",
        "trust": 0.1,
        "url": "https://github.com/googleprojectzero/domato "
      },
      {
        "title": "js-vuln-db",
        "trust": 0.1,
        "url": "https://github.com/tunz/js-vuln-db "
      },
      {
        "title": "Exp101tsArchiv30thers",
        "trust": 0.1,
        "url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
      },
      {
        "title": "awesome-cve-poc_qazbnm456",
        "trust": 0.1,
        "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/project-zero-chains-bugs-for-apacolypse-now-attack-on-windows-10/129193/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/microsoft-december-patch-tuesday-update-fixes-34-bugs/129154/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-11907"
      },
      {
        "trust": 1.8,
        "url": "https://www.exploit-db.com/exploits/43370/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/102045"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1039991"
      },
      {
        "trust": 1.6,
        "url": "https://googleprojectzero.blogspot.fi/2017/12/apacolypse-now-exploiting-windows-10-in_18.html"
      },
      {
        "trust": 1.2,
        "url": "https://www.kb.cert.org/vuls/id/598349"
      },
      {
        "trust": 1.1,
        "url": "https://supportforums.adtran.com/docs/doc-9269"
      },
      {
        "trust": 0.8,
        "url": "https://www.exploit-db.com/exploits/43367/"
      },
      {
        "trust": 0.8,
        "url": "https://community.ubnt.com/t5/unifi-updates-blog/usg-firmware-v4-4-28-now-available/ba-p/2482349"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99302544/"
      },
      {
        "trust": 0.8,
        "url": "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2018/haavoittuvuus-2018-019.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11907"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20171213-ms.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2017/at170048.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11907"
      },
      {
        "trust": 0.3,
        "url": "https://googleprojectzero.blogspot.com/2017/12/apacolypse-now-exploiting-windows-10-in_18.html"
      },
      {
        "trust": 0.3,
        "url": "https://www.synology.com/en-global/support/security/synology_sa_18_53"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/ie/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.rapid7.com/db/vulnerabilities/msft-cve-2017-11907"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/re4lity/cve-2017-11907"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-05T00:00:00",
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "date": "2017-12-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "date": "2018-09-05T00:00:00",
        "db": "BID",
        "id": "105298"
      },
      {
        "date": "2017-12-12T00:00:00",
        "db": "BID",
        "id": "102045"
      },
      {
        "date": "2018-09-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "date": "2017-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "date": "2017-12-12T21:29:00",
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-23T00:00:00",
        "db": "CERT/CC",
        "id": "VU#598349"
      },
      {
        "date": "2019-04-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-11907"
      },
      {
        "date": "2018-09-05T00:00:00",
        "db": "BID",
        "id": "105298"
      },
      {
        "date": "2017-12-19T22:38:00",
        "db": "BID",
        "id": "102045"
      },
      {
        "date": "2018-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-014029"
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011111"
      },
      {
        "date": "2019-04-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      },
      {
        "date": "2019-04-25T19:13:00",
        "db": "NVD",
        "id": "CVE-2017-11907"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "105298"
      },
      {
        "db": "BID",
        "id": "102045"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Automatic DNS registration and proxy autodiscovery allow spoofing of network services",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#598349"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-389"
      }
    ],
    "trust": 0.6
  }
}
  Sightings
| Author | Source | Type | Date | 
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.