QwikSec

Security Database

CVE

CWE

Training

CVE-2017-11852

Published: Nov 15, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure Vulnerability".

Vendor	Product	Versions
Microsoft Corporation	GDI	affected `Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1.`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11852

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.