High severity7.8NVD Advisory· Published Apr 12, 2017· Updated May 13, 2026

CVE-2017-0160

Description

Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."

Affected products

Microsoft/.net Framework8 versions
cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
Microsoft Corporation/.NET Frameworkv5
Range: .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0160nvdPatchVendor Advisory
www.securityfocus.com/bid/97447nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038236nvd
www.exploit-db.com/exploits/41903/nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.010
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000