CVE-2017-0283

HIGH

Microsoft Lync - Remote Code Execution

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0283. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a crash in the Windows Uniscribe library (USP10!MergeLigRecords) due to a corrupted font file, leading to an access violation in memmove(). The issue is similar to CVE-2017-0087, suggesting an incomplete fix.

Description

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Uniscribe Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8528.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/42234

View Code ZIP pw:eip

This exploit demonstrates a crash in the Windows Uniscribe library (USP10!MergeLigRecords) due to a corrupted font file, leading to an access violation in memmove(). The issue is similar to CVE-2017-0087, suggesting an incomplete fix.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Windows Uniscribe (USP10.DLL) on Windows 7

No auth needed

Prerequisites: Corrupted font file · Application rendering text with the font

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42234/

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1038675

Mitigation, Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283

Issue Tracking x_refsource_misc

https://bugs.chromium.org/p/project-zero/issues/detail?id=1198

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/98920

Various Sources x_refsource_misc

https://0patch.blogspot.com/2017/07/0patching-quick-brown-fox-of-cve-2017.html

Scores

CVSS v3 8.8

EPSS 0.3902

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published

Products (19)

microsoft/lync 2013 sp1

microsoft/office 2007 sp3

microsoft/office 2010 sp2

microsoft/office_word_viewer

microsoft/silverlight 5.0

microsoft/skype_for_business 2016

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_10 1607

microsoft/windows_10 1703

... and 9 more

Published Jun 15, 2017

Tracked Since Feb 18, 2026