PT-2018-1585 · Microsoft · Windows 7+3

Vladislav Stolyarov

Publicado

2018-09-11

Atualizado

2018-11-25

CVE-2018-8422

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows GDI versions prior to the fixed version Windows 7 Windows Server 2008 R2

Description The issue is caused by a buffer overflow in the Windows GDI component, allowing an attacker to disclose protected information using a specially crafted document. This can lead to the exposure of sensitive information.

Recommendations For Windows 7 and Windows Server 2008 R2, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to sensitive documents until a patch is available. Avoid using the Windows GDI component with untrusted documents until the issue is resolved.

Correção

Buffer Overflow

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-200

Identificadores relacionados

BDU:2018-01142

CVE-2018-8422

Produtos afetados

Windows

Windows 7

Windows Gdi

Windows Server 2008 R2

PT-2018-1585 · Microsoft · Windows 7+3

CVE-2018-8422

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7