Описание
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.
EPSS
Процентиль: 13%
0.00043
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 5.3
github
11 дней назад
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.
EPSS
Процентиль: 13%
0.00043
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-125