Graphics Uniscribe Information Disclosure Vulnerability in Microsoft Products
CVE-2017-8533

6.5MEDIUM

Key Information:

Vendor
Microsoft
Status
Graphics
Vendor
CVE Published:
15 June 2017

Summary

The vulnerability allows for improper disclosure of memory contents in affected Microsoft Windows products, enabling potential attackers to gain sensitive information through exploited graphics processing functions. By leveraging this vulnerability, malicious actors could access data that is normally restricted, posing a risk of data leakage and privacy breaches. Users are encouraged to apply available security patches and updates to mitigate the risk associated with this flaw.

Affected Version(s)

Graphics Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016

References

http://www.securityfocus.com/bid/98821
vdb-entryx_refsource_BID
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-19-581/
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.