Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-0201: Scripting Engine Memory Corruption Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-0201: Scripting Engine Memory Corruption Vulnerability

Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
04/11/2017
Created
07/25/2018
Added
04/11/2017
Modified
09/06/2024

Description

A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0093.

Solution(s)

  • microsoft-windows-windows_server_2012-kb4014661
  • msft-kb4014661-1003d1c9-77ae-464d-991a-1c69770191a1
  • msft-kb4014661-2ee647cf-e1d6-4fc9-9d91-c98b3860ec2e
  • msft-kb4014661-34b4de40-550c-4678-92cf-cbbe9e1829dc
  • msft-kb4014661-3b2b92cc-468e-43be-b281-078a1b4453d8
  • msft-kb4014661-663ae5f1-e575-41a5-88f2-5961a9730ae0
  • msft-kb4014661-8744404f-1dee-4f5b-8845-6e7b82b7a77a
  • msft-kb4014661-9e09e031-7c51-40a0-9c3d-d19efdc5e27e
  • msft-kb4014661-9fa562e4-60ee-48de-bfbb-876d301adf99
  • msft-kb4014661-b0b05fb5-400b-4423-ad26-71d182e93a4b
  • msft-kb4014661-b85cacfc-bb46-41e7-8a30-87bd7d82a7b6
  • msft-kb4014661-caa3ba27-3b75-4f39-90e7-b80fc3181fc3
  • msft-kb4014661-cbd50884-715f-44b7-bb70-8f47d8cd38c3
  • msft-kb4014661-cc9dbf41-cceb-4abc-8211-6f5852938329
  • msft-kb4014661-dcfca752-942a-4da1-8da7-e3d2ba510e27

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;