Lucene search
MicrosoftMS:CVE-2017-11852HistoryNov 14, 2017 - 8:00 a.m.
Windows GDI Information Disclosure Vulnerability
2017-11-1408:00:00
Microsoft
msrc.microsoft.com
10
0.001 Low
EPSS
Percentile
30.0%
A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.
The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.
Related
symantec
symantec
prion
prion
Information disclosure
2017-11-15 03:29:00
cve
cve
CVE-2017-11852
2017-11-15 03:29:00
cvelist
cvelist
CVE-2017-11852
2017-11-14 00:00:00
mskb
mskb
Description of the security update for vulnerabilities in Windows Server 2008: November 14, 2017
2017-11-14 08:00:00
November 14, 2017—KB4048960 (Security-only update)
2017-11-14 08:00:00
November 14, 2017—KB4048957 (Monthly Rollup)
2017-11-14 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4048970)
2017-11-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4048957)
2017-11-15 00:00:00
nessus
nessus
Windows 2008 November 2017 Multiple Security Updates
2017-11-14 00:00:00
Windows 7 and Windows Server 2008 R2 November 2017 Security Updates
2017-11-14 00:00:00
kaspersky
kaspersky
KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)
2017-11-14 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - November 2017
2017-11-14 11:54:00
trendmicroblog
trendmicroblog