High severity7.5NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026
CVE-2017-0158
CVE-2017-0158
Description
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."
Affected products
15cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0158nvdPatchVendor Advisory
- www.securityfocus.com/bid/97455nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038238nvd
News mentions
0No linked articles in our index yet.