CVE-2020-17098

MEDIUM5.5JSON export Create alert

Description

Windows GDI+ Information Disclosure Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Unchanged

Changed

Affected products

Microsoft / Windows 10 Version 150710.0.10240.0 – publication
Microsoft / Windows 10 Version 160710.0.14393.0 – publication
Microsoft / Windows 10 Version 180310.0.0 – publication
Microsoft / Windows 10 Version 180910.0.17763.0 – publication
Microsoft / Windows 10 Version 180910.0.0 – publication
Microsoft / Windows 10 Version 1903 for 32-bit Systems10.0.0 – publication
Microsoft / Windows 10 Version 1903 for ARM64-based Systems10.0.0 – publication
Microsoft / Windows 10 Version 1903 for x64-based Systems10.0.0 – publication
Microsoft / Windows 10 Version 190910.0.0 – publication
Microsoft / Windows 10 Version 200410.0.0 – publication
Microsoft / Windows 10 Version 20H210.0.0 – publication
Microsoft / Windows 76.1.0 – 6.1.7601.24563
Microsoft / Windows 7 Service Pack 16.1.0 – 6.1.7601.24563
Microsoft / Windows 8.16.3.0 – publication
Microsoft / Windows Server 2008 R2 Service Pack 16.1.7601.0 – 6.1.7601.24563
Microsoft / Windows Server 2008 R2 Service Pack 1 (Server Core installation)6.1.7601.0 – 6.1.7601.24563
Microsoft / Windows Server 2008 Service Pack 26.0.6003.0 – 6.0.6003.20999
Microsoft / Windows Server 2008 Service Pack 2 (Server Core installation)6.0.6003.0 – 6.0.6003.20999
Microsoft / Windows Server 20126.2.9200.0 – publication
Microsoft / Windows Server 2012 R26.3.9600.0 – publication
Microsoft / Windows Server 2012 R2 (Server Core installation)6.3.9600.0 – publication
Microsoft / Windows Server 2012 (Server Core installation)6.2.9200.0 – publication
Microsoft / Windows Server 201610.0.14393.0 – publication
Microsoft / Windows Server 2016 (Server Core installation)10.0.14393.0 – publication
Microsoft / Windows Server 201910.0.17763.0 – publication
Microsoft / Windows Server 2019 (Server Core installation)10.0.17763.0 – publication
Microsoft / Windows Server, version 1903 (Server Core installation)10.0.0 – publication
Microsoft / Windows Server, version 1909 (Server Core installation)10.0.0 – publication
Microsoft / Windows Server version 200410.0.0 – publication
Microsoft / Windows Server version 20H210.0.0 – publication

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17098