VYPR
High severity7.5NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026

CVE-2017-0158

CVE-2017-0158

Description

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

Affected products

15
  • cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
  • Microsoft/Windows3 versions
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
    • (no CPE)
    • (no CPE)range: Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.