ID:1322 - Exploit for Information disclosure in Windows and Windows Server - CVE-2017-8684

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:1322 - Exploit for Information disclosure in Windows and Windows Server - CVE-2017-8684

ID:1322 - Exploit for Information disclosure in Windows and Windows Server - CVE-2017-8684

Published: March 18, 2020


Vulnerability identifier: #VU8305
Vulnerability risk: Low
CVE-ID: CVE-2017-8684
CWE-ID: CWE-200
Exploitation vector: Local access
Vulnerable software:
Windows
Windows Server

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to obtain potentially sensitive information.

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. A local user can gain access to potentially sensitive information.


Remediation

Install updates from vendor's website.