CVE-2017-0006

CVE: CVE-2017-0006
Published: 2017-03-17T00:59Z
Vendor: microsoft
Products and versions:
office_compatibility_pack: *
excel_viewer: *
sharepoint_server: 2007
excel: 2007
Description Language: en
Description: Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka “Microsoft Office Memory Corruption Vulnerability.” This vulnerability is different from those described in CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.
References:
http://www.securityfocus.com/bid/96740
http://www.securitytracker.com/id/1038010
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0006

CVE-2017-0005

CVE: CVE-2017-0005
Published: 2017-03-17T00:59Z
Vendor: microsoft
Products and versions:
windows_10: 1607, 1511, -
windows_server_2012: r2, -
windows_vista: *
windows_8.1: *
windows_server_2008: r2, *
windows_rt_8.1: *
windows_7: *
Description Language: en
Description: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka “Windows GDI Elevation of Privilege Vulnerability.” This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047.
References:
http://www.securityfocus.com/bid/96033
http://www.securitytracker.com/id/1038002
https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0005

CVE-2017-0001

CVE: CVE-2017-0001
Published: 2017-03-17T00:59Z
Vendor: microsoft
Products and versions:
windows_10: 1607, 1511, -
windows_server_2012: r2, -
windows_vista: *
windows_8.1: *
windows_server_2008: r2, *
windows_rt_8.1: *
windows_7: *
Description Language: en
Description: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka “Windows GDI Elevation of Privilege Vulnerability.” This vulnerability is different from those described in CVE-2017-0005, CVE-2017-0025, and CVE-2017-0047.
References:
http://www.securityfocus.com/bid/96057
http://www.securitytracker.com/id/1038002
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0001

CVE-2017-0037

CVE: CVE-2017-0037
Published: 2017-02-26T23:59Z
Vendor: microsoft
Products and versions:
internet_explorer: 11
edge: *
Description Language: en
Description: Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.
References:
http://www.securityfocus.com/bid/96088
http://www.securitytracker.com/id/1037905
http://www.securitytracker.com/id/1037906
https://0patch.blogspot.si/2017/03/0patching-another-0-day-internet.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1011
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0037
https://www.exploit-db.com/exploits/41454/
https://www.exploit-db.com/exploits/42354/

CVE-2017-0038

CVE: CVE-2017-0038
Published: 2017-02-20T16:59Z
Vendor: microsoft
Products and versions:
windows_10: 1607, 1511, -
windows_server_2012: r2, -
windows_vista: *
windows_8.1: *
windows_server_2008: r2, *
windows_server_2016: *
windows_rt_8.1: *
windows_7: *
Description Language: en
Description: gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220.
References:
http://www.securityfocus.com/bid/96023
http://www.securitytracker.com/id/1037845
https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=992
https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0038
https://www.exploit-db.com/exploits/41363/

CVE-2017-0004

CVE: CVE-2017-0004
Published: 2017-01-10T21:59Z
Vendor: microsoft
Products and versions:
windows_vista: -
windows_server_2008: r2, -
windows_7: -
Description Language: en
Description: The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to cause a denial of service (reboot) via a crafted authentication request, aka “Local Security Authority Subsystem Service Denial of Service Vulnerability.”
References:
http://technet.microsoft.com/security/bulletin/MS17-004
http://www.securityfocus.com/bid/95318
http://www.securitytracker.com/id/1037571

CVE-2017-0003

CVE: CVE-2017-0003
Published: 2017-01-10T21:59Z
Vendor: microsoft
Products and versions:
sharepoint_enterprise_server: 2016
word: 2016
Description Language: en
Description: Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office Memory Corruption Vulnerability.”
References:
http://fortiguard.com/advisory/FG-VD-16-079
http://technet.microsoft.com/security/bulletin/MS17-002
http://www.securityfocus.com/bid/95287
http://www.securitytracker.com/id/1037568
http://www.securitytracker.com/id/1037569

CVE-2017-0002

CVE: CVE-2017-0002
Published: 2017-01-10T21:59Z
Vendor: microsoft
Products and versions:
edge: *
Description Language: en
Description: Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka “Microsoft Edge Elevation of Privilege Vulnerability.”
References:
http://technet.microsoft.com/security/bulletin/MS17-001
http://www.securityfocus.com/bid/95284
http://www.securitytracker.com/id/1037573