Vulnerability Name: CVE-2017-11779 (CCN-132572) Assigned: 2017-10-10 Published: 2017-10-10 Updated: 2019-10-03 Summary: The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability". CVSS v3 Severity: 8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H )7.3 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H )7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2017-11779 Source: BID Type: Third Party Advisory, VDB Entry101166 Source: CCN Type: BID-101166Microsoft Windows DNSAPI CVE-2017-11779 Remote Code Execution Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry1039533 Source: XF Type: UNKNOWNms-dnsapi-cve201711779-code-exec(132572) Source: CCN Type: Microsoft Security TechCenter - October 2017Windows DNSAPI Remote Code Execution Vulnerability Source: CONFIRM Type: Patch, Vendor Advisoryhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11779 Source: CCN Type: ZDI-17-846Microsoft Windows DNSAPI NSEC3_RecordRead Heap-based Buffer Overflow Remote Code Execution Vulnerability Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_10:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1511:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1703:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_8.1:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:* OR cpe:/o:microsoft:windows_8.1:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_10:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
microsoft windows 10 -
microsoft windows 10 1511
microsoft windows 10 1607
microsoft windows 10 1703
microsoft windows 8.1 *
microsoft windows rt 8.1 *
microsoft windows server 2012 r2
microsoft windows server 2016 *
microsoft windows server 2012
microsoft windows 8.1 - -
microsoft windows 8.1 *
microsoft windows server 2012 r2
microsoft windows rt 8.1 *
microsoft windows 10 -
microsoft windows 10 *
microsoft windows server 2016