Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Microsoft Windows Text Services Framework by Microsoft Corporation

    CVE-2017-8727 (GCVE-0-2017-8727)

    Vulnerability from nvd – Published: 2017-10-13 13:00 – Updated: 2024-09-17 00:01
    VLAI
    Summary
    Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka "Windows Shell Memory Corruption Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039537 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/101142 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Windows Text Services Framework Affected: Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:41:24.296Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
              },
              {
                "name": "1039537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039537"
              },
              {
                "name": "101142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Windows Text Services Framework",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka \"Windows Shell Memory Corruption Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-14T09:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
            },
            {
              "name": "1039537",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039537"
            },
            {
              "name": "101142",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-8727",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Windows Text Services Framework",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka \"Windows Shell Memory Corruption Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
                },
                {
                  "name": "1039537",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039537"
                },
                {
                  "name": "101142",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2017-8727",
        "datePublished": "2017-10-13T13:00:00.000Z",
        "dateReserved": "2017-05-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:01:17.814Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8727 (GCVE-0-2017-8727)

    Vulnerability from cvelistv5 – Published: 2017-10-13 13:00 – Updated: 2024-09-17 00:01
    VLAI
    Summary
    Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka "Windows Shell Memory Corruption Vulnerability".
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039537 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/101142 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Microsoft Corporation Microsoft Windows Text Services Framework Affected: Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
    Create a notification for this product.
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:41:24.296Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
              },
              {
                "name": "1039537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039537"
              },
              {
                "name": "101142",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Windows Text Services Framework",
              "vendor": "Microsoft Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka \"Windows Shell Memory Corruption Vulnerability\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-14T09:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
            },
            {
              "name": "1039537",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039537"
            },
            {
              "name": "101142",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-8727",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Windows Text Services Framework",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Framework handles objects in memory, aka \"Windows Shell Memory Corruption Vulnerability\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727",
                  "refsource": "CONFIRM",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8727"
                },
                {
                  "name": "1039537",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039537"
                },
                {
                  "name": "101142",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2017-8727",
        "datePublished": "2017-10-13T13:00:00.000Z",
        "dateReserved": "2017-05-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:01:17.814Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }