- Home
- CVEs with nessus.description==The remote Windows host is missing a security update. It is,
therefore, affected by multiple vulnerabilities :
- Multiple elevation of privilege vulnerabilities exist in
the Windows Graphics Device Interface (GDI) component
due to improper handling of objects in memory. A local
attacker can exploit these vulnerabilities, via a
specially crafted application, to execute arbitrary code
in kernel mode. (CVE-2017-0001, CVE-2017-0005,
CVE-2017-0025, CVE-2017-0047)
- Multiple remote code execution vulnerabilities exist in
the Windows Graphics component due to improper handling
of objects in memory. An unauthenticated, remote
attacker can exploit these vulnerabilities, by
convincing a user to visit a specially crafted web page
or open a specially crafted document, to execute
arbitrary code. (CVE-2017-0014, CVE-2017-0108)
- An information disclosure vulnerability exists in the
Windows Graphics Device Interface (GDI) component due to
improper handling of objects in memory. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted web page
or open a specially crafted document, to disclose the
contents of memory. (CVE-2017-0038)
- Multiple information disclosure vulnerabilities exist in
the Windows Graphics Device Interface (GDI) component
due to improper handling of memory addresses. A local
attacker can exploit these vulnerabilities, via a
specially crafted application, to disclose sensitive
information. (CVE-2017-0060, CVE-2017-0062,
CVE-2017-0073)
- Multiple information disclosure vulnerabilities exist in
the Color Management Module (ICM32.dll) due to improper
handling of objects in memory. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a specially crafted web page, to disclose
sensitive information and bypass usermode Address Space
Layout Randomization (ASLR). (CVE-2017-0061,
CVE-2017-0063)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top