CVE-2017-8574 - Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privileg

CVE-2017-8574

Summary

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556.

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-281

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	99438
confirm	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8574
sectrack	1038856

Last major update

03-10-2019 - 00:03

Published

11-07-2017 - 21:29

Last modified

03-10-2019 - 00:03