Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Microsoft Windows 7 SP1 by Microsoft Corporation

    CVE-2017-11819 (GCVE-0-2017-11819)

    Vulnerability from nvd – Published: 2017-10-13 13:00 – Updated: 2024-09-17 04:28
    VLAI
    Summary
    Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039537 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/101121 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Windows 7 SP1 Affected: Microsoft Windows 7 SP1
    Create a notification for this product.
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:19:39.336Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
              },
              {
                "name": "1039537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039537"
              },
              {
                "name": "101121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Windows 7 SP1",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 7 SP1"
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka \"Windows Shell Remote Code Execution Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-14T09:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
            },
            {
              "name": "1039537",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039537"
            },
            {
              "name": "101121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-11819",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Windows 7 SP1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 7 SP1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka \"Windows Shell Remote Code Execution Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
                },
                {
                  "name": "1039537",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039537"
                },
                {
                  "name": "101121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2017-11819",
        "datePublished": "2017-10-13T13:00:00.000Z",
        "dateReserved": "2017-07-31T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:28:47.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-11819 (GCVE-0-2017-11819)

    Vulnerability from cvelistv5 – Published: 2017-10-13 13:00 – Updated: 2024-09-17 04:28
    VLAI
    Summary
    Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039537 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/101121 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Windows 7 SP1 Affected: Microsoft Windows 7 SP1
    Create a notification for this product.
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:19:39.336Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
              },
              {
                "name": "1039537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039537"
              },
              {
                "name": "101121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Windows 7 SP1",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Microsoft Windows 7 SP1"
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka \"Windows Shell Remote Code Execution Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-14T09:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
            },
            {
              "name": "1039537",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039537"
            },
            {
              "name": "101121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-11819",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Windows 7 SP1",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Microsoft Windows 7 SP1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka \"Windows Shell Remote Code Execution Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819"
                },
                {
                  "name": "1039537",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039537"
                },
                {
                  "name": "101121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2017-11819",
        "datePublished": "2017-10-13T13:00:00.000Z",
        "dateReserved": "2017-07-31T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:28:47.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }