CVE-2017-0155 — Corporation Windows Graphics Component vulnerability

4 documents4 sources

Severity

7.0HIGHNVD

EPSS

3.0%

top 13.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Windows Graphics Component Microsoft Windows Server 2008

Timeline

PublishedApr 12

Latest updateMay 13

Description

The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5microsoft_corporation/windows_graphics_componentWindows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, and Windows 7 SP1

▶NVDmicrosoft/windowsr2

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-6g45-r85q-9j7w: The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain↗2022-05-13

▶

CVEList

CVE-2017-0155: The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain↗2017-04-12

▶

📋Vendor Advisories

Microsoft

Win32k Elevation of Privilege Vulnerability↗2017-04-11

▶