VDB
CVE-2017-0160
CVE-2017-0160
PUBLISHED
CVSS 7.199999809265137 HIGH
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
EPSS 13.01% · 94.2th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
13.01%
94.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corporation | .NET Framework | .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 |
| microsoft | .net_framework | 3.5, 3.5.1, 4.5.2 |
Exploit Intelligence
- CIRCL exploited: CVE-2017-0160 (circl-sighting)
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0160 (circl)
- 97447 (circl)
- 1038236 (circl)
- 41903 (cve.org)
- Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution Exploit (0day-today)
- Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution Exploit (0day-today)
Timeline
- Apr 12, 2017 CVE Published
- Apr 20, 2017 PoC Published
- Apr 20, 2017 PoC Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0160 url
- 97447 vdb
- 41903 exploit
- 1038236 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2017-0160 advisory
- https://www.exploit-db.com/exploits/41903 url
- https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/42b8fa28-9d09-e711-80d9-000d3a32fc99 advisory