vulnerability
Microsoft CVE-2017-0242: Microsoft ActiveX Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | May 9, 2017 | May 9, 2017 | Aug 23, 2019 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
May 9, 2017
Added
May 9, 2017
Modified
Aug 23, 2019
Description
An information disclosure vulnerability exists in the way some ActiveX objects are instantiated. An attacker who successfully exploited this vulnerability could gain access to protected memory contents.
To exploit this vulnerability, an attacker would need to convince a user to open a malicious document that could then instantiate the vulnerable object. This security update addresses the vulnerability by correcting how these objects are instantiated.
Solutions
msft-kb4018927-5df8eadf-63bd-43bb-bf51-0b1928a1ba3bmsft-kb4018927-93cabb89-f78a-4e40-8671-b4b19e8464aamsft-kb4018927-abd80073-39d6-4e4c-a43d-b9e00e93b603msft-kb4019263-46c89aaa-6d7f-48c4-abda-2e0709b58b71msft-kb4019263-a1d1d5c2-78be-44c0-b0eb-2706f1225447msft-kb4019263-c218dbd8-9396-4978-a84d-aeb7a2c77ce3msft-kb4019263-c4749633-16b1-4395-b0bd-1930ee20d5c6msft-kb4019263-cd7fd4a7-f4db-493d-8cc3-70d33e708775msft-kb4019263-d8a880a2-6caa-453f-81c8-c6a88bf19d69
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.