Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".
http://www.securitytracker.com/id/1039537
http://www.securityfocus.com/bid/101121
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11819
Source: Mitre, NVD
Published: 2017-10-13
Updated: 2025-04-20
Base Score: 7.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
Severity: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.2085