CVE-2017-11850

LOW Year: 2017
CVSS v3 Score
2.5
Low
CVSS v2 Score
1.9
Low
Weakness Type
CWE-200
View all →

Vulnerability Description

Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".

Related Vulnerabilities

CVE-2016-0259

LOW
CVSS:2.5(Low)

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.

CWE-2002016

CVE-2016-1185

LOW
CVSS:2.5(Low)

The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.

CWE-2002016

CVE-2016-2894

LOW
CVSS:2.5(Low)

IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary acc...

CWE-2002016

CVE-2016-3321

LOW
CVSS:2.5(Low)

Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a ...

CWE-2002016

CVE-2016-5849

LOW
CVSS:2.5(Low)

Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.

CWE-2002016

CVE-2016-7960

LOW
CVSS:2.5(Low)

Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration inf...

CWE-2002016