Vulnerability Change Records for CVE-2017-8543

Change History

CWE Remap 10/02/2019 8:3:26 PM

Action Type Old Value New Value
Changed CWE
CWE-264
CWE-281

CVE Modified by Microsoft Corporation 7/07/2017 9:29:20 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1038667 [No Types Assigned]

CVE Modified by Microsoft Corporation 6/15/2017 9:29:04 PM

Action Type Old Value New Value
Changed Description
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/98824 [No Types Assigned]

Initial Analysis 6/26/2017 1:25:20 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-264
Changed Reference Type
http://www.securityfocus.com/bid/98824 No Types Assigned
http://www.securityfocus.com/bid/98824 Third Party Advisory, VDB Entry
Changed Reference Type
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543 No Types Assigned
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543 Mitigation, Patch, Vendor Advisory