Lucene search
Nelson William Gamazo Sanchez - Trend MicroZDI-17-846HistoryOct 10, 2017 - 12:00 a.m.
Microsoft Windows DNSAPI NSEC3_RecordRead Heap-based Buffer Overflow Remote Code Execution Vulnerability
2017-10-1000:00:00
Nelson William Gamazo Sanchez - Trend Micro
www.zerodayinitiative.com
59
0.44 Medium
EPSS
Percentile
97.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
mscve
mscve
Windows DNSAPI Remote Code Execution Vulnerability
2017-10-10 07:00:00
checkpoint_advisories
checkpoint_advisories
huawei
huawei
Security Advisory - Remote Code Execution Vulnerability in Windows DNSAPI
2017-12-20 00:00:00
nvd
nvd
CVE-2017-11779
2017-10-13 13:29:00
cve
cve
CVE-2017-11779
2017-10-13 13:29:00
prion
prion
Remote code execution
2017-10-13 13:29:00
cvelist
cvelist
CVE-2017-11779
2017-10-10 00:00:00
seebug
seebug
Windows KEPT remote code execution vulnerability analysis(CVE-2017-11779)
2017-10-16 00:00:00
threatpost
threatpost
Microsoft Patches Critical Windows DNS Client Vulnerabilities
2017-10-10 14:00:55
Microsoft Patches Office Bug Actively Being Exploited
2017-10-10 16:44:08
symantec
symantec
Microsoft Windows DNSAPI CVE-2017-11779 Remote Code Execution Vulnerability
2017-10-10 00:00:00
krebs
krebs
Microsoftβs October Patch Batch Fixes 62 Flaws
2017-10-11 14:18:40
qualysblog
qualysblog
October Patch Tuesday: 28 Critical Microsoft Vulnerabilities
2017-10-10 18:23:41
thn
thn
mskb
mskb
October 10, 2017βKB4041679 (Security-only update)
2017-10-16 07:00:00
October 10, 2017βKB4041690 (Monthly Rollup)
2017-10-16 07:00:00
October 10, 2017βKB4041687 (Security-only update)
2017-10-16 07:00:00
nessus
nessus
Windows Server 2012 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
Windows 8.1 and Windows Server 2012 R2 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
KB4042895: Windows 10 October 2017 Cumulative Update (KRACK)
2017-11-03 00:00:00
openvas
openvas
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4041690)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041693)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041689)
2017-10-11 00:00:00
kaspersky
kaspersky
KLA11111 Multiple vulnerabilities in Microsoft Windows
2017-10-10 00:00:00
trendmicroblog
trendmicroblog
talosblog
talosblog
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00