CVE-2017-8693
published 2017-10-13CVE-2017-8693: The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in…
PriorityP423medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
EPSS
2.38%
81.8th percentile
The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability".
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft_corporation | microsoft_graphics_component | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_10_version_1703_for_32-bit_systems | — | — |
| msrc | windows_10_version_1703_for_x64-based_systems | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mm7q-m26q-8937: The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerab
ghsa_unreviewed·2022-05-17
CVE-2017-8693 [MEDIUM] CWE-200 GHSA-mm7q-m26q-8937: The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerab
The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability".
Microsoft
Microsoft Graphics Component Information Disclosure Vulnerability
vendor_msrc·2017-10-10·CVSS 5.5
CVE-2017-8693 [MEDIUM] Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.
Microsoft Graphics Component: Microsoft Graphics Component
Issuing CNA: Microsoft
Impact: Information Disclosure
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More L
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/101096http://www.securitytracker.com/id/1039536https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8693http://www.securityfocus.com/bid/101096http://www.securitytracker.com/id/1039536https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8693
2017-10-13
Published