CVE-2017-0101
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
Published
2017-03-17T00:59:02.743
Last Modified
2025-04-20T01:37:25.860
Status
Deferred
Source
[email protected]
Severity
CVSSv3.1: 7.8 (HIGH)
CVSSv2 Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: PARTIAL
Exploitability Score
8.6
Impact Score
6.4
Weaknesses
-
Type: Primary
CWE-119
-
Type: Secondary
CWE-119
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/96625
Broken Link, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securitytracker.com/id/1038013
Broken Link, Third Party Advisory, VDB Entry
([email protected])
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101
Patch, Vendor Advisory
([email protected])
-
https://www.exploit-db.com/exploits/44479/
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/96625
Broken Link, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id/1038013
Broken Link, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://www.exploit-db.com/exploits/44479/
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)