CVE-2018-0750Sensitive Information Exposure in Corporation Windows GDI

5 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
3.1%
top 13.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Microsoft Corporation Windows GDIMicrosoft Windows Server 2008Msrc Windows 7 FOR 32-bit Systems Service Pack 1+6 more
Timeline
PublishedJan 4
Latest updateMay 13

Description

The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages9 packages

🔴Vulnerability Details

1
GHSA
GHSA-p576-rfhm-3mg3: The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way object2022-05-13

📋Vendor Advisories

1
Microsoft
Windows GDI Information Disclosure Vulnerability2018-01-09

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - January 20182018-01-09
Talos
Microsoft Patch Tuesday - January 20182018-01-09