CVE-2017-0259

medium

Description

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258.

References

https://www.exploit-db.com/exploits/42007/

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0259

http://www.securityfocus.com/bid/98113

Details

Source: Mitre, NVD

Published: 2017-05-12

Updated: 2017-08-13

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium