Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2017-8488

🗓️ 15 Jun 2017 01:00:00Reported by microsoftType 
cve
 cve🔗 web.nvd.nist.gov👁 83 Views🌐 WEB

The Windows Kernel in Microsoft Windows Server and Windows OS versions allows authenticated attackers to obtain information

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Microsoft Windows - IOCTL_MOUNTMGR_QUERY_POINTS Kernel Mountmgr Pool Memory Disclosure Exploit
21 Jun 201700:00
zdt
Circl		CVE-2017-8488
21 Jun 201700:00
circl
CNVD		Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-12796)
15 Jun 201700:00
cnvd
Cvelist		CVE-2017-8488
15 Jun 201701:00
cvelist
Microsoft KB		Windows kernel information disclosure vulnerability: June 13, 2017
13 Jun 201707:00
mskb
Microsoft KB		June 13, 2017—KB4022717 (Security-only update)
28 Jun 201707:00
mskb
Microsoft KB		June 13, 2017—KB4022718 (Security-only update)
28 Jun 201707:00
mskb
Microsoft KB		June 13, 2017—KB4022719 (Monthly Rollup)
28 Jun 201707:00
mskb
Microsoft KB		June 13, 2017—KB4022722 (Security-only update)
28 Jun 201707:00
mskb
Microsoft KB		June 13, 2017—KB4022724 (Monthly Rollup)
28 Jun 201707:00
mskb
Rows per page
[
  {
    "product": "Microsoft Windows",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
IOCTL 0x6D0008path\\.\MountPointManagerKernel information disclosure vulnerability via IOCTL_MOUNTMGR_QUERY_POINTS returning uninitialized pool memory to user-mode, enabling leakage of kernel data.CWE-200
MOUNTMGR_MOUNT_POINT fields SymbolicLinkNameLength, UniqueIdLength, DeviceNameLengthpath\\.\MountPointManagerKernel information disclosure vulnerability via IOCTL_MOUNTMGR_QUERY_POINTS returning uninitialized pool memory to user-mode, enabling leakage of kernel data.CWE-200
IOCTL_MOUNTMGR_QUERY_POINTSpath\\.\MountPointManagerKernel information disclosure vulnerability via IOCTL_MOUNTMGR_QUERY_POINTS returning uninitialized pool memory to user-mode, enabling leakage of kernel data.CWE-200

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 May 2026 00:24Current
4.8Medium risk
Vulners AI Score4.8
CVSS 21.9
CVSS 35
EPSS0.14765
CWE-200
cve-2017-8488information disclosurewindows kernelmicrosoftvulnerability
83