CVE-2017-0293

high Microsoft
CVSS v3 Base Score
7.5
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
22.5%
Exploitation probability in 30 days
Top 4% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Published: August 8, 2017 (3201 days ago)
Last Modified: May 13, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability".

CWE

CWE-119

Affected Products

microsoft windows 10microsoft windows 8.1microsoft windows rt 8.1microsoft windows server 2008microsoft windows server 2012microsoft windows server 2016

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 portal.msrc.microsoft.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com