Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-8464

KEV EPSS 93.88% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-8464

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Microsoft产品访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows等都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows XP是一套PC和平板电脑使用的操作系统。Windows是一种桌面操作系统。 Microsoft Windows中的Windows Shell中存在访问控制错误漏洞。攻击者可借助特制的.LNK文件利用该漏洞执行任意代码。以下版本受到影响:Microsoft Windows Server 2008 SP2和R2 SP1,Windo
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Microsoft CorporationWindows Shell Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 -

II. Public POCs for CVE-2017-8464

#POC DescriptionSource LinkShenlong Link
1Nonehttps://github.com/Elm0D/CVE-2017-8464POC Details
2Support x86 and x64https://github.com/3gstudent/CVE-2017-8464-EXPPOC Details
3this tool can generate a exp for cve-2017-8486, it is developed by pythonhttps://github.com/doudouhala/CVE-2017-8464-exp-generatorPOC Details
4Usbhijacking | CVE-2017-8464https://github.com/X-Vector/usbhijackingPOC Details
5Nonehttps://github.com/xssfile/CVE-2017-8464-EXPPOC Details
6Exploit vulnerabilities and vulnerability prevention implementationhttps://github.com/TrG-1999/DetectPacket-CVE-2017-8464POC Details
7Nonehttps://github.com/tuankiethkt020/Phat-hien-CVE-2017-8464POC Details
8- using python to detect cve-2017-8464 vulnerbilitieshttps://github.com/TieuLong21Prosper/Detect-CVE-2017-8464POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-8464

登录查看更多情报信息。

Same Patch Batch · Microsoft Corporation · 2017-06-15 · 95 CVEs total

CVE-2017-8508Microsoft Office 安全漏洞
CVE-2017-8504Microsoft Edge 信息泄露漏洞
CVE-2017-8498Microsoft Edge 信息泄露漏洞
CVE-2017-8493Microsoft Windows 安全漏洞
CVE-2017-8492Microsoft Windows Kernel 信息泄露漏洞
CVE-2017-8491Microsoft Windows Kernel 信息泄露漏洞
CVE-2017-8490Microsoft Windows Kernel 信息泄露漏洞
CVE-2017-8489Microsoft Windows Kernel 信息泄露漏洞
CVE-2017-8494Microsoft Windows 权限许可和访问控制问题漏洞
CVE-2017-8507Microsoft Outlook 缓冲区错误漏洞
CVE-2017-8506Microsoft Office 安全漏洞
CVE-2017-8509Microsoft Office 安全漏洞
CVE-2017-8510Microsoft Office 安全漏洞
CVE-2017-8511Microsoft Office 安全漏洞
CVE-2017-8512Microsoft Office 安全漏洞
CVE-2017-8513Microsoft PowerPoint 2007和SharePoint Server 2007 缓冲区错误漏洞
CVE-2017-8514Microsoft SharePoint Enterprise Server 2016 跨站脚本漏洞
CVE-2017-8515Microsoft Windows 安全漏洞
CVE-2017-8517Microsoft Scripting引擎缓冲区错误漏洞
CVE-2017-8519Microsoft Internet Explorer 缓冲区错误漏洞

Showing top 20 of 95 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Windows Shell
Same vendor: Microsoft Corporation

V. Comments for CVE-2017-8464

No comments yet

Leave a comment