Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0102: Windows Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2017-0102: Windows Elevation of Privilege Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

03/14/2017

Created

07/25/2018

Added

03/14/2017

Modified

02/16/2023

Description

An elevation of privilege vulnerability exists when Windows fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would first need access to the target system and have the ability to copy a file to a shared folder or drive. The security update addresses the vulnerability by correcting the way that Windows validates the buffer lengths.

Solution(s)

msft-kb4011981-1f4fc5b8-2859-40cb-bfe2-d5bc92836c80
msft-kb4011981-28b943a1-5e63-4a2c-b246-7a021bc926de
msft-kb4011981-34acb665-53e5-4d30-b959-0bab7c3b2fbc
msft-kb4011981-35a03a1e-f2ae-467d-800d-79c51be5db60
msft-kb4011981-4bed74fc-6c58-4d62-b87d-a96ae7e7858b
msft-kb4011981-711bcb94-06eb-4f78-8df8-8dcb254cae96
msft-kb4012212-13c36c25-fee4-429f-933e-f93ebfbb91f5
msft-kb4012212-36e1591a-f6d3-44d2-aa25-540234b7eb36
msft-kb4012212-4ee6f09d-38d9-47ef-8ba9-dd802352b8ee
msft-kb4012212-652eea96-c2e8-4548-8f9a-40964e5e6a74
msft-kb4012212-c682d11d-fc2e-4852-9da7-c2198958bf6c
msft-kb4012212-fb31138f-b6a5-499c-9eb6-5b5f9fff6bfd
msft-kb4012213-317ca43c-7dfe-4e04-8a21-2c6c4ab4fbb9
msft-kb4012213-5d351df3-6efb-4b17-93e0-b0e3a5babbc3
msft-kb4012213-80bc2b42-a953-4096-8595-130e9a9c9fb9
msft-kb4012214-1949e6d5-95b0-4e90-acfb-73c9d295fbbf
msft-kb4012214-57dbd57f-89b2-4abb-8582-14fc17870bb8
msft-kb4012214-b4d71d8b-1f2d-4958-ad08-e379293d71e8
msft-kb4012606-384d5679-3c34-433f-8564-66fc5136a5e9
msft-kb4012606-6a38fe85-98ba-4ce2-b4eb-aed947d5c203
msft-kb4013198-477b54b9-913d-4c4e-8da8-01e0b4cf15ce
msft-kb4013198-6d9f75f7-d998-4188-a935-7603f4e51a4d
msft-kb4013429-724ee219-b949-4d44-9e02-e464c6062ae4
msft-kb4013429-74b1fe65-bd6b-4b76-a624-8674748898f2
msft-kb4013429-e29d1b22-493d-44dd-8857-7c6c7cb6d84c

References

https://attackerkb.com/topics/cve-2017-0102
CVE - 2017-0102
4011981
4012212
4012213
4012214
4012215
4012216
4012217
4012606
4013198
4013429
MS17-006
MS17-008
MS17-017

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0102: Windows Elevation of Privilege Vulnerability

Microsoft CVE-2017-0102: Windows Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.