High severity8.1NVD Advisory· Published Mar 17, 2017· Updated May 13, 2026

CVE-2017-0104

Description

The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability."

Affected products

Microsoft/Windows Server 20082 versions
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 20122 versions
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 2016
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Microsoft Corporation/iSNS Serverv5
Range: The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0104nvdPatchVendor Advisory
www.securityfocus.com/bid/96697nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038001nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.028
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000