PT-2017-1598 · Microsoft · Windows +1

🗓️ 14 Mar 2017 00:00:00Reported by Positive TechnologiesType

Graphics Device Interface memory disclosure lets local attackers read memory and cause DoS; may enable code execution with another flaw.

Reporter	Title	Published	Views	Family All 39
0day.today	Microsoft GDI+ - gdiplus!GetRECTSForPlayback Out-of-Bounds Read (MS17-013)	20 Mar 201700:00	–	zdt
BDU FSTEC	The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory, cause a service failure, or have other adverse effects on the system.	31 Mar 201700:00	–	bdu_fstec
Circl	CVE-2017-0060	20 Mar 201700:00	–	circl
CNVD	Microsoft Windows Graphics Local Information Disclosure Vulnerability	20 Mar 201700:00	–	cnvd
Check Point Advisories	Microsoft Windows GDI+ Information Disclosure (MS17-013; CVE-2017-0060; CVE-2017-0062)	14 Mar 201700:00	–	checkpoint_advisories
CVE	CVE-2017-0060	17 Mar 201700:00	–	cve
Cvelist	CVE-2017-0060	17 Mar 201700:00	–	cvelist
EUVD	EUVD-2017-0427	7 Oct 202500:30	–	euvd
Microsoft KB	MS17-013: Description of the security update for 2007 Microsoft Office Suite: March 14, 2017	14 Mar 201707:00	–	mskb
Microsoft KB	MS17-013: Description of the security update for Office 2010: March 14, 2017	14 Mar 201707:00	–	mskb

Source	Link
exploit-db	www.exploit-db.com/exploits/41656
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-0060
bdu	www.bdu.fstec.ru/vul/2017-00743
msrc	www.msrc.microsoft.com/update-guide/en-US/advisory/CVE-2017-0060
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0060
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
technet	www.technet.microsoft.com/library/security/MS17-013
securityfocus	www.securityfocus.com/bid/96713
securitytracker	www.securitytracker.com/id/1038002

31 Mar 2023 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 22.1

CVSS 3.15.5

EPSS0.15939