VDB
CVE-2017-11852
CVE-2017-11852
PUBLISHED
CVSS 1.899999976158142 LOW
Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure Vulnerability".
EPSS 4.12% · 88.8th percentile
Risk Scores
CVSS 2.0
1.899999976158142
EPSS Score
4.12%
88.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corporation | GDI | Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1. |
| microsoft | windows_7 | |
| microsoft | windows_server_2008 | * |
Exploit Intelligence
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11852 (circl)
- 101739 (circl)
- 1039782 (circl)
Timeline
- Nov 15, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score