6 matches found
CVE-2017-8684
creationtimestamp| type| source ---|---|--- 2017-09-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42747...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
CVE-2017-8684
CVE-2017-8684 corresponds to a Windows kernel memory disclosure in win32k NtGdiGetFontResourceInfoInternalW. The vulnerability stems from writing kernel outputs to a user-provided buffer and then copying the entire requested size back to user mode, exposing uninitialized stack memory (≈92 bytes) ...
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4038799)
This host is missing a critical security update according to Microsoft KB4038799 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows GDI+ Component CVE-2017-8684 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
Windows 8.1 and Windows Server 2012 R2 September 2017 Security Updates
The remote Windows host is missing security update 4038793 or cumulative update 4038792. It is, therefore, affected by multiple vulnerabilities : - A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain...