Lucene search

[email protected]CVE-2017-8693

HistoryOct 13, 2017 - 1:29 p.m.

CVE-2017-8693

2017-10-1313:29:02

CWE-200

[email protected]

web.nvd.nist.gov

microsoft

windows 10

windows server

information disclosure

vulnerability

memory handling

cve-2017-8693

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka “Microsoft Graphics Information Disclosure Vulnerability”.

Affected configurations

Vulners

NVD

Node

microsoft_corporationmicrosoft_graphics_component

CPENameOperatorVersion
microsoft:windows_10microsoft windows 10eq-
microsoft:windows_10microsoft windows 10eq1511
microsoft:windows_10microsoft windows 10eq1607
microsoft:windows_10microsoft windows 10eq1703
microsoft:windows_server_2016microsoft windows server 2016eq*

CPE	Name	Operator	Version
microsoft:windows_10	microsoft windows 10	eq	-
microsoft:windows_10	microsoft windows 10	eq	1511
microsoft:windows_10	microsoft windows 10	eq	1607
microsoft:windows_10	microsoft windows 10	eq	1703
microsoft:windows_server_2016	microsoft windows server 2016	eq	*

CNA Affected

[
  {
    "product": "Microsoft Graphics Component",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016"
      }
    ]
  }
]