Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-8535
HistoryMay 26, 2017 - 8:29 p.m.

CVE-2017-8535

2017-05-2620:29:00
CWE-119
CWE-674
CWE-369
CWE-476
[email protected]
web.nvd.nist.gov
34
cve-2017-8535
microsoft
malware protection engine
denial of service
vulnerability
microsoft forefront
microsoft defender
windows server
windows 7
windows 8.1
windows server 2012
windows rt 8.1
windows 10
windows server 2016
microsoft exchange server

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

0.783 High

EPSS

Percentile

98.3%

JSON

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka “Microsoft Malware Protection Engine Denial of Service Vulnerability”, a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542.

Affected configurations

Vulners
NVD
Node
microsoft_corporationmalware_protection_engine

CNA Affected

[
  {
    "product": "Malware Protection Engine",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016."
      }
    ]
  }
]

Related

prion 5
cvelist 5
nvd 5
cve 4
zdt 1
kaspersky 3
openvas 3
nessus 1
mscve 5
checkpoint_advisories 5
prion
prion
Design/Logic Flaw
2017-05-26 20:29:00
Design/Logic Flaw
2017-05-26 20:29:00
Design/Logic Flaw
2017-05-26 20:29:00
cvelist
cvelist
CVE-2017-8535
2017-05-26 20:00:00
CVE-2017-8537
2017-05-26 20:00:00
CVE-2017-8542
2017-05-26 20:00:00
nvd
nvd
CVE-2017-8539
2017-05-26 20:29:00
CVE-2017-8535
2017-05-26 20:29:00
CVE-2017-8536
2017-05-26 20:29:00
cve
cve
CVE-2017-8539
2017-05-26 20:29:00
CVE-2017-8536
2017-05-26 20:29:00
CVE-2017-8542
2017-05-26 20:29:00
zdt
zdt
Microsoft MsMpEng - Multiple Crashes While Scanning Malformed Files Exploit
2017-05-29 00:00:00
kaspersky
kaspersky
KLA11029 Multiple vulnerabilities in the Microsoft Malware Protection Engine
2017-05-09 00:00:00
KLA11839 Multiple vulnerabilities in Microsoft Exchange Server
2017-05-25 00:00:00
KLA11840 Multiple vulnerabilities in Microsoft System Center
2017-05-25 00:00:00
openvas
openvas
Microsoft Malware Protection Engine on Forefront Security for SharePoint Multiple Vulnerabilities
2017-06-02 00:00:00
Microsoft Malware Protection Engine on Windows Defender Multiple Vulnerabilities
2017-06-02 00:00:00
Microsoft Malware Protection Engine on Security Essentials Multiple Vulnerabilities
2017-06-02 00:00:00
nessus
nessus
Microsoft Malware Protection Engine < 1.1.13804 Multiple Vulnerabilities
2017-05-31 00:00:00
mscve
mscve
Microsoft Malware Protection Engine Denial of Service Vulnerability
2017-05-25 07:00:00
Microsoft Malware Protection Engine Denial of Service Vulnerability
2017-05-25 07:00:00
Microsoft Malware Protection Engine Denial of Service Vulnerability
2017-05-25 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Malware Protection Engine Denial of Service (CVE-2017-8535)
2017-05-29 00:00:00
Microsoft Malware Protection Engine Denial of Service (CVE-2017-8537)
2017-05-29 00:00:00
Microsoft Malware Protection Engine Denial of Service (CVE-2017-8536)
2017-05-29 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

0.783 High

EPSS

Percentile

98.3%

JSON
Related for CVE-2017-8535
prion5cvelist5nvd5cve4zdt1kaspersky3openvas3nessus1mscve5checkpoint_advisories5