Multiple arbitrary code execution vulnerabilities in Microsoft Windows

Описание

Multiple serious vulnerabilities have been found in Microsoft Windows XP and Microsoft Windows Server 2003. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An improper validation of user input in Windows OLE can be exploited remotely via a specially designed file or program to execute arbitrary code;
2. An incorrect way of handling requests done by the Routing and Remote Access service can be exploited remotely via a specially designed application to execute arbitrary code.

Первичный источник обнаружения

• Description of the security update of Windows XP and Windows Server 2003
  Description of the security update of Windows XP and Windows Server 2003
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows-Server-2003
• Microsoft-Windows-XP

Список CVE

• CVE-2017-8487
  critical
• CVE-2017-8461
  high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com