ID:1323 - Exploit for Information disclosure in Windows Server and Windows - CVE-2017-8685

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:1323 - Exploit for Information disclosure in Windows Server and Windows - CVE-2017-8685

ID:1323 - Exploit for Information disclosure in Windows Server and Windows - CVE-2017-8685

Published: March 18, 2020


Vulnerability identifier: #VU8306
Vulnerability risk: Low
CVE-ID: CVE-2017-8685
CWE-ID: CWE-200
Exploitation vector: Local access
Vulnerable software:
Windows Server
Windows

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to obtain potentially sensitive information.

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. A local user can gain access to potentially sensitive information.


Remediation

Install updates from vendor's website.