CVE-2017-0058

medium

Description

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability."

References

https://www.exploit-db.com/exploits/41879/

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0058

http://www.securitytracker.com/id/1038239

http://www.securityfocus.com/bid/97462

Details

Source: Mitre, NVD

Published: 2017-04-12

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium