CVE-2017-0148

HIGH Year: 2017
CVSS v3 Score
8.1
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-20
View all →

Vulnerability Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Related Vulnerabilities

CVE-2007-5928

HIGH
CVSS:8.1(High)

OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is...

CWE-202007

CVE-2012-2248

HIGH
CVSS:8.1(High)

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.

CWE-202012

CVE-2013-4751

HIGH
CVSS:8.1(High)

php-symfony2-Validator has loss of information during serialization

CWE-202013

CVE-2014-2271

HIGH
CVSS:8.1(High)

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, w...

CWE-202014

CVE-2014-5282

HIGH
CVSS:8.1(High)

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

CWE-202014