Описание
GDI+ Information Disclosure Vulnerability
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
FAQ
What type of information could be disclosed by this vulnerability?
A successful exploitation can occur within browser or other applications processing metafiles, resulting in an information disclosure where memory values from the current process are leaked to an attacker.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2012 | ||
| Windows Server 2012 (Server Core installation) | ||
| Windows Server 2012 R2 | ||
| Windows Server 2012 R2 (Server Core installation) | ||
| Windows Server 2016 | ||
| Windows 10 Version 1607 for 32-bit Systems | ||
| Windows 10 Version 1607 for x64-based Systems | ||
| Windows Server 2016 (Server Core installation) | ||
| Windows 10 Version 1809 for 32-bit Systems | ||
| Windows 10 Version 1809 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.5 High
CVSS3
Связанные уязвимости
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
Уязвимость интерфейса графических устройств Windows GDI+ операционных систем Windows, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
7.5 High
CVSS3