Remote code execution in Windows Uniscribe
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-8692 CVE-2017-8696 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system Microsoft Office Client/Desktop applications / Office applications Microsoft Word Client/Desktop applications / Office applications Microsoft Office Web Apps Client/Desktop applications / Office applications Skype for Business Client/Desktop applications / Messaging software Microsoft Lync Client/Desktop applications / Messaging software Microsoft Live Meeting Client/Desktop applications / Messaging software Lync Attendee Client/Desktop applications / Messaging software |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU8315
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-8692
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. A remote unauthenticated attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 8.1 - 10
Windows Server: 2012 - 2016 10.0.14393.10
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8692
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU8316
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-8696
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. A remote unauthenticated attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows Server: 2008 - 2008 R2
Microsoft Office: 2007 - 2010 Service Pack 2
Microsoft Word: Viewer
Microsoft Office Web Apps: 2010 Service Pack 2
Skype for Business: 2016
Microsoft Lync: 2010 - 2013
Microsoft Live Meeting: 2007 Add-in - 2007 Console
Windows: 7
Lync Attendee: 2010
External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8696
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
