CVE-2017-8688 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-8688 PUBLISHED CVSS 2.0999999046325684 LOW

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8685.

EPSS 6.19% · 90.8th percentile

Risk Scores

CVSS v2.0

2.0999999046325684

EPSS Score

6.19%

90.8th percentile

Affected Products

Vendor	Product	Versions
microsoft	windows_10	1511, 1607, 1703
Microsoft Corporation	Windows GDI+	Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
microsoft	windows_rt_8.1
microsoft	windows_server_2016
microsoft	windows_server_2012	r2
microsoft	windows_8.1
microsoft	windows_7
microsoft	windows_server_2008	r2

Timeline

Sep 13, 2017 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 7, 2023 EPSS Score

References

Open in Interactive Console →