How severe is CVE-2017-0062?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2017-0062?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-0062 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI+ Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0060 and CVE-2017-0073.

Related Vulnerabilities

CVE-2015-3142

MEDIUM

CVSS:4.7(Medium)

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensit...

CWE-2002015

CVE-2015-7328

MEDIUM

CVSS:4.7(Medium)

Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the...

CWE-2002015

CVE-2015-7438

MEDIUM

CVSS:4.7(Medium)

IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.

CWE-2002015

CVE-2015-7493

MEDIUM

CVSS:4.7(Medium)

IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.

CWE-2002015

CVE-2016-10293

MEDIUM

CVSS:4.7(Medium)

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because...

CWE-2002016

CVE-2016-10294

MEDIUM

CVSS:4.7(Medium)

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because...

CWE-2002016