Vulnerability CVE-2017-11850

Vulnerability CVE-2017-11850

Published: 2017-11-14 Modified: 2017-11-15

Description:

Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
1.9/10	2.9/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	None	None

Affected software
Microsoft -> Windows 10
Microsoft -> Windows 8.1
Microsoft -> Windows rt 8.1
Microsoft -> Windows server
Microsoft -> Windows server 2012
Microsoft -> Windows server 2016

References:

http://www.securityfocus.com/bid/101738

http://www.securitytracker.com/id/1039782

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11850

Copyright 2024, cxsecurity.com