QwikSec

Security Database

CVE

CWE

Training

CVE-2017-8685

Published: Sep 13, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688.

Vendor	Product	Versions
Microsoft Corporation	Windows GDI+	affected `Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1`

References

exploit

x_refsource_EXPLOIT-DB

vdb-entry

x_refsource_SECTRACK

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8685

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.