5 matches found
CVE-2017-8685
creationtimestamp| type| source ---|---|--- 2017-09-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42748...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is...
CVE-2017-8685
CVE-2017-8685 refers to a Windows kernel memory disclosure in win32k NtGdiEngCreatePalette. The vulnerability exposes uninitialized 1 KB of kernel stack memory when user-mode passes a palette color list, due to a missing pre-initialization step in the temporary kernel buffer and how the palette i...
Microsoft Windows GDI+ CVE-2017-8685 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...