CVE-2017-11850

Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".

Published: Nov 15, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-11850
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.5
AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2012	r2	r2.x
microsoft / windows_10	1511	1511.x
microsoft / windows_10	1607	1607.x
microsoft / windows_server_2012	-	-
microsoft / windows_10	1703	1703.x
microsoft / windows_10	1709	1709.x
microsoft / windows_server	1709	1709.x

http://www.securityfocus.com/bid/101738
http://www.securitytracker.com/id/1039782
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11850

Vulnerability Database

289,599

CVE-2017-11850