CVE-2023-29371Improper Input Validation in Microsoft Windows 10 Version 1507

CWE-20Improper Input ValidationCWE-125Out-of-bounds Read8 documents6 sources
Severity
7.8HIGHCNA
No vector
EPSS
1.2%
top 20.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+25 more
Timeline
PublishedJun 13
Latest updateSep 16

Description

Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability

Affected Packages28 packages

CVEListV5microsoft/windows_server_20126.2.9200.06.2.9200.24314
CVEListV5microsoft/windows_server_201610.0.14393.010.0.14393.5989
CVEListV5microsoft/windows_server_201910.0.17763.010.0.17763.4499
CVEListV5microsoft/windows_server_202210.0.20348.010.0.20348.1787
CVEListV5microsoft/windows_server_2012_r26.3.9600.06.3.9600.21013

🔴Vulnerability Details

1
CVEList
Windows GDI Elevation of Privilege Vulnerability2023-06-13

📋Vendor Advisories

2
Red Hat
kernel: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one2025-09-16
Microsoft
Windows GDI Elevation of Privilege Vulnerability2023-06-13

🕵️Threat Intelligence

5
Talos
Microsoft discloses 5 critical vulnerabilities in June's Patch Tuesday, no zero-days2023-06-13
Qualys
Microsoft and Adobe Patch Tuesday, June 2023 Security Update Review | Qualys2023-06-13
Talos
Microsoft discloses 5 critical vulnerabilities in June's Patch Tuesday, no zero-days2023-06-13
Qualys
Microsoft and Adobe Patch Tuesday, June 2023 Security Update Review2023-06-13
Zscaler
Zscaler found Windows Security Vulnerabilities | 06-13-2023
CVE-2023-29371 — Improper Input Validation in Microsoft | cvebase