Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2017-0108 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. | 7.8 |
| 2017-03-17 | CVE-2017-0104 | Integer Overflow or Wraparound vulnerability in Microsoft products The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability." | 8.1 |
| 2017-03-17 | CVE-2017-0103 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability." | 7.0 |
| 2017-03-17 | CVE-2017-0102 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let attackers with access to targets systems gain privileges when Windows fails to properly validate buffer lengths, aka "Windows Elevation of Privilege Vulnerability." | 7.8 |
| 2017-03-17 | CVE-2017-0101 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." | 7.8 |
| 2017-03-17 | CVE-2017-0100 | Improper Authentication vulnerability in Microsoft products A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability." | 7.8 |
| 2017-03-17 | CVE-2017-0095 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0021. | 7.6 |
| 2017-03-17 | CVE-2017-0094 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 7.5 |
| 2017-03-17 | CVE-2017-0090 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, and CVE-2017-0089. | 8.8 |
| 2017-03-17 | CVE-2017-0089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, and CVE-2017-0090. | 8.8 |