Lucene search

K
cveMicrosoftCVE-2018-0741
HistoryJan 04, 2018 - 2:29 p.m.

CVE-2018-0741

2018-01-0414:29:00
microsoft
web.nvd.nist.gov
47
cve-2018-0741
color management
windows 7
windows server 2008
information disclosure
vulnerability

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5

Confidence

High

EPSS

0.007

Percentile

80.3%

The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way objects are handled in memory, aka “Microsoft Color Management Information Disclosure Vulnerability”.

Affected configurations

Nvd
Vulners
Node
microsoftwindows_7sp1
OR
microsoftwindows_server_2008sp2
OR
microsoftwindows_server_2008Matchr2sp1
VendorProductVersionCPE
microsoftwindows_7cpe:/o:microsoft:windows_7::sp1::
microsoftwindows_server_2008cpe:/o:microsoft:windows_server_2008::sp2::
microsoftwindows_server_2008r2cpe:/o:microsoft:windows_server_2008:r2:sp1::

CNA Affected

[
  {
    "product": "Color Management Module (Icm32.dll)",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1"
      }
    ]
  }
]

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5

Confidence

High

EPSS

0.007

Percentile

80.3%