CVE-2017-0022

ENISA EUVD: EUVD-2017-0389 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 1 article Published: 2017-03-17

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

36.69%

probability

This CVE has a 36.69% probability of being exploited in the next 30 days.

0% Top 97.2th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

6.5

MEDIUM

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2 (legacy)

4.3

MEDIUM

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Description

VulnerabilityLookup (CNA)

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site, aka "Microsoft XML Information Disclosure Vulnerability."

Affected Products

Microsoft Corporation

XML Core Services

XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2

microsoft

xml core services

microsoft

windows 8.1

microsoft

windows server 2008

microsoft

windows server 2012

Microsoft Corporation

XML Core Services

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-664 · Improper Control of a Resource Through its Lifetime

Google Project Zero

Patched

March 14, 2017

Reported by

Will Matcalf of Proofpoint, Kafeine of Proofpoint, Joseph C Chen of Trend Micro, Brooks Li of Trend Micro

Root Cause Analysis

???

http://www.securityfocus.com/bid/96069

vdb-entry x_refsource_BID

https://0patch.blogspot.com/2017/09/exploit-kit-rendezvous-and-cve-2017-0022.html

x_refsource_MISC

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0022

x_refsource_CONFIRM

http://www.securitytracker.com/id/1038014

vdb-entry x_refsource_SECTRACK

Signal Intelligence

Confidenceⓘ

95%

EPSS 36.69%

CVSS v3.1 6.5

Mentions 1

Last Seen Mar 27, 2017

CNA Information

CNA Assigner

microsoft

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026

Published DateMar 17, 2017