New Search

Windows COM Session Elevation of Privilege Vulnerability - CVE-2017-0298

oval:org.cisecurity:def:2692

A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 Gold 1511 1607 1703 and Windows Server 2016 when configured to run as the interactive user allows an authenticated attacker to run arbitrary code in another user's session aka "Windows COM Session Elevation of Privilege Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows 10
  • Microsoft Windows 7
Class:
vulnerability
Reference(s):
  • CVE-2017-0298
Product(s):