CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-8589

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile17.25th
Published2017年7月11日
Last Modified2026年5月13日

Vulnerability Description

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Affected Platforms (CPE)

💻
Microsoft

Windows 10

All versions
💻
Microsoft

Windows 10

= 1511
💻
Microsoft

Windows 10

= 1607
💻
Microsoft

Windows 10

= 1703
💻
Microsoft

Windows 7

All versions
💻
Microsoft

Windows 8.1

All versions
💻
Microsoft

Windows Rt 8.1

All versions
💻
Microsoft

Windows Server 2008

All versions
💻
Microsoft

Windows Server 2008

= r2
💻
Microsoft

Windows Server 2012

All versions
💻
Microsoft

Windows Server 2012

= r2
💻
Microsoft

Windows Server 2016

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/99425
🔗 http://www.securitytracker.com/id/1038866
🔗 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8589
🔗 http://www.securityfocus.com/bid/99425
🔗 http://www.securitytracker.com/id/1038866
🔗 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8589

相關漏洞威脅

CVE-2019-568410.0

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader ...

CVE-2020-079610.0

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer...

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...