CVE-2017-11850Sensitive Information Exposure in Corporation Microsoft Graphics Component

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
2.5LOWNVD
EPSS
3.7%
top 12.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
21
Microsoft Corporation Microsoft Graphics ComponentMicrosoft Windows 10Microsoft Windows Server+18 more
Timeline
PublishedNov 15
Latest updateMay 17

Description

Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.0 | Impact: 1.4

Affected Packages21 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-vwgf-9jxv-jc4g: Microsoft Graphics Component in Windows 82022-05-17

📋Vendor Advisories

1
Microsoft
Microsoft Graphics Component Information Disclosure Vulnerability2017-11-14

🕵️Threat Intelligence

1
Talos
Microsoft Patch Tuesday - November 20172017-11-14
CVE-2017-11850 — Sensitive Information Exposure | cvebase