CVE-2017-11850

Опубликовано: 15 нояб. 2017

Источник: nvd

CVSS3: 2.5

CVSS2: 1.9

EPSS Низкий

Описание

Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".

Ссылки

http://www.securityfocus.com/bid/101738
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039782
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11850
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101738
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039782
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11850
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01237

Низкий

2.5 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-11850

CVSS3: 4.7

msrc

больше 7 лет назад

Microsoft Graphics Component Information Disclosure Vulnerability

GHSA-vwgf-9jxv-jc4g