NVD - CVE-2017-9073

Vulnerability Change Records for CVE-2017-9073

Change History

CVE Modified by MITRE 6/22/2017 9:29:01 PM

Action	Type	Old Value	New Value
Removed	CPE Configuration	OR cpe:2.3:o:microsoft:windows_server_2003::::::::* cpe:2.3:o:microsoft:windows_server_2003:-:sp1::::::* cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::*
Removed	CPE Configuration	OR cpe:2.3:o:microsoft:windows_xp:-::::::: cpe:2.3:o:microsoft:windows_xp:-:gold:embedded::::: cpe:2.3:o:microsoft:windows_xp:-:gold:home::::: cpe:2.3:o:microsoft:windows_xp:-:gold:media_center::::: cpe:2.3:o:microsoft:windows_xp:-:gold:professional::::: cpe:2.3:o:microsoft:windows_xp:-:gold:tablet_pc::::: cpe:2.3:o:microsoft:windows_xp:-:sp1::::::* cpe:2.3:o:microsoft:windows_xp:-:sp1:embedded::::: cpe:2.3:o:microsoft:windows_xp:-:sp1:home::::: cpe:2.3:o:microsoft:windows_xp:-:sp1:media_center::::: cpe:2.3:o:microsoft:windows_xp:-:sp1:professional::::: cpe:2.3:o:microsoft:windows_xp:-:sp1:tablet_pc::::: cpe:2.3:o:microsoft:windows_xp:-:sp2::::::* cpe:2.3:o:microsoft:windows_xp:-:sp2:embedded::::: cpe:2.3:o:microsoft:windows_xp:-:sp2:home::::: cpe:2.3:o:microsoft:windows_xp:-:sp2:media_center::::: cpe:2.3:o:microsoft:windows_xp:-:sp2:professional::::: cpe:2.3:o:microsoft:windows_xp:-:sp2:tablet_pc::::: cpe:2.3:o:microsoft:windows_xp:-:sp3::::::* cpe:2.3:o:microsoft:windows_xp:-:sp3:embedded::::: cpe:2.3:o:microsoft:windows_xp:-:sp3:home::::: cpe:2.3:o:microsoft:windows_xp:-:sp3:media_center::::: cpe:2.3:o:microsoft:windows_xp:-:sp3:professional::::: cpe:2.3:o:microsoft:windows_xp:-:sp3:tablet_pc:::::
Removed	CVSS V2	(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Removed	CVSS V3	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Removed	CWE	CWE-119
Changed	Description	A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-0176. Reason: This candidate is a reservation duplicate of CVE-2017-0176. Notes: All CVE users should reference CVE-2017-0176 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Changed	Display Vulnerability	true	false
Removed	Reference	http://www.securityfocus.com/bid/98550 [Third Party Advisory, VDB Entry]
Removed	Reference	https://blog.fortinet.com/2017/05/11/deep-analysis-of-esteemaudit [Exploit, Technical Description, Third Party Advisory]
Removed	Reference	https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/ [Vendor Advisory]