CVE-2017-0058 Information

Description

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system aka \Win32k Information Disclosure Vulnerability.\

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

http://www.securityfocus.com/bid/97462 http://www.securitytracker.com/id/1038239 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0058 https://www.exploit-db.com/exploits/41879/

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.7