Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0294: Windows Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2017-0294: Windows Remote Code Execution Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

06/13/2017

Created

07/25/2018

Added

06/13/2017

Modified

11/18/2021

Description

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files. To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious cabinet file disguised as a printer driver. The update addresses the vulnerability by correcting how Windows handles cabinet files.

Solution(s)

msft-kb4022008-262e4cc8-8420-4e0d-8ec9-0457f67c99b2
msft-kb4022008-7458fdb9-efd6-4b44-8b93-4c86559ce491
msft-kb4022008-9af73f48-02a4-4bdd-ae56-d5d113f24871
msft-kb4022714-63569ab7-c77a-4436-a691-ad182bf54b54
msft-kb4022714-a6c6864b-39ee-4a25-8c19-fdf5df77f49c
msft-kb4022715-5628b4c3-1451-4233-a111-f48f4eecac09
msft-kb4022715-8436b0ac-13c3-4047-9c60-e1fdba6cf918
msft-kb4022715-96c2ded2-ca08-466e-8d52-1f28a54d49d5
msft-kb4022717-1d805e7c-215a-4c96-8b39-3829bd2e02d0
msft-kb4022717-6abad12a-fc3f-4352-81f7-453e305f13ed
msft-kb4022717-7b6c010d-36ea-4bb4-9d06-9e44c1235690
msft-kb4022718-185fb91c-8006-4eeb-81f1-611113a80509
msft-kb4022718-5cc34e54-998c-4120-ba8a-d528309738f8
msft-kb4022718-8f05b935-4c68-4218-92fe-a734d28cc5e9
msft-kb4022722-0fff3ada-3205-441e-9f7f-f9e0198a32ce
msft-kb4022722-4182f860-3205-4b8d-bf9d-4b0b93f34adc
msft-kb4022722-61851a6d-1717-4861-801a-461e772cb312
msft-kb4022722-65224535-330e-42bd-8e35-824c878ec11a
msft-kb4022722-657cd92e-a4a3-4319-a954-52bedeef4cfc
msft-kb4022722-e181eaef-054e-4b52-a00f-503b91461f68
msft-kb4022725-06b477db-a2d9-4ada-a693-acd91267e8b4
msft-kb4022725-3a4111b7-7238-4b2d-b744-9537b1c6cdfc
msft-kb4022727-378b3f68-8c1f-410f-b1ed-46c1608edf57
msft-kb4022727-7da82164-b5fd-4735-b187-087b2f0fd24f

References

https://attackerkb.com/topics/cve-2017-0294
CVE - 2017-0294
4022008
4022714
4022715
4022717
4022718
4022719
4022722
4022724
4022725
4022726
4022727

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0294: Windows Remote Code Execution Vulnerability

Microsoft CVE-2017-0294: Windows Remote Code Execution Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.