Executive Summary

Informations
NameCVE-2017-0005First vendor Publication2017-03-16
VendorCveLast vendor Modification2019-10-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score6.9Attack RangeLocal
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0005

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3
Os1
Os1
Os1
Os2
Os2
Os1

Snort® IPS/IDS

DateDescription
2017-04-14Microsoft Windows GDI WMF out of bounds read attempt
RuleID : 41994 - Revision : 2 - Type : OS-WINDOWS
2017-04-14Microsoft Windows GDI WMF out of bounds read attempt
RuleID : 41993 - Revision : 2 - Type : OS-WINDOWS
2017-04-12GDI+ malformed EMF comment heap access violation attempt
RuleID : 41971 - Revision : 1 - Type : FILE-IMAGE
2017-04-12GDI+ malformed EMF comment heap access violation attempt
RuleID : 41970 - Revision : 1 - Type : FILE-IMAGE
2017-04-12GDI+ malformed EMF description out of bounds read attempt
RuleID : 41947 - Revision : 3 - Type : FILE-IMAGE
2017-04-12Microsoft GDI+ malformed EMF description out of bounds read attempt
RuleID : 41946 - Revision : 3 - Type : FILE-IMAGE
2017-04-12Microsoft Windows Uniscribe privilege escalation attempt
RuleID : 41933 - Revision : 2 - Type : FILE-OTHER
2017-04-12Microsoft Windows Uniscribe privilege escalation attempt
RuleID : 41932 - Revision : 2 - Type : FILE-OTHER
2017-03-14Microsoft Windows GDI privilege escalation attempt
RuleID : 41592 - Revision : 4 - Type : OS-WINDOWS
2017-03-14Microsoft Windows GDI privilege escalation attempt
RuleID : 41591 - Revision : 4 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2017-06-14Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms17_jun_windows8.nasl - Type : ACT_GATHER_INFO
2017-03-17Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms17-013.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/96033
CONFIRM https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-...
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0005
SECTRACK http://www.securitytracker.com/id/1038002

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2019-10-03 09:19:46
  • Multiple Updates
2017-07-12 09:22:50
  • Multiple Updates
2017-03-31 09:24:25
  • Multiple Updates
2017-03-24 17:22:47
  • Multiple Updates
2017-03-18 13:24:38
  • Multiple Updates
2017-03-18 09:24:24
  • Multiple Updates
2017-03-17 09:24:11
  • First insertion