CVE-2017-0073

MEDIUM Year: 2017
CVSS v3 Score
4.3
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-200
View all →

Vulnerability Description

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows GDI+ Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0060 and CVE-2017-0062.

Related Vulnerabilities

CVE-2011-1934

MEDIUM
CVSS:4.3(Medium)

lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.

CWE-2002011

CVE-2012-1158

MEDIUM
CVSS:4.3(Medium)

Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export

CWE-2002012

CVE-2012-1159

MEDIUM
CVSS:4.3(Medium)

Moodle before 2.2.2: Overview report allows users to see hidden courses

CWE-2002012

CVE-2012-1161

MEDIUM
CVSS:4.3(Medium)

Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results

CWE-2002012

CVE-2012-5570

MEDIUM
CVSS:4.3(Medium)

The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.

CWE-2002012

CVE-2013-4317

MEDIUM
CVSS:4.3(Medium)

In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their ...

CWE-2002013