CVE-2017-0296

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability".
References
Link Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296 Mitigation Patch Vendor Advisory
http://www.securityfocus.com/bid/98839 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_8.1:rt:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

Information

Published : 2017-06-14 18:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-0296

Mitre link : CVE-2017-0296


JSON object : View

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows_7
  • windows_server_2016
  • windows_10
  • windows_8.1
  • windows_server_2008
  • windows_server_2012