Executive Summary

Informations
NameCVE-2017-0038First vendor Publication2017-02-20
VendorCveLast vendor Modification2017-08-31

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0038

CWE : Common Weakness Enumeration

%idName
100 %CWE-200Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3
Os1
Os1
Os1
Os2
Os2
Os1
Os1

Snort® IPS/IDS

DateDescription
2017-04-14Microsoft Windows GDI WMF out of bounds read attempt
RuleID : 41994 - Revision : 2 - Type : OS-WINDOWS
2017-04-14Microsoft Windows GDI WMF out of bounds read attempt
RuleID : 41993 - Revision : 2 - Type : OS-WINDOWS
2017-04-12GDI+ malformed EMF comment heap access violation attempt
RuleID : 41971 - Revision : 1 - Type : FILE-IMAGE
2017-04-12GDI+ malformed EMF comment heap access violation attempt
RuleID : 41970 - Revision : 1 - Type : FILE-IMAGE
2017-04-12GDI+ malformed EMF description out of bounds read attempt
RuleID : 41947 - Revision : 3 - Type : FILE-IMAGE
2017-04-12Microsoft GDI+ malformed EMF description out of bounds read attempt
RuleID : 41946 - Revision : 3 - Type : FILE-IMAGE
2017-04-12Microsoft Windows Uniscribe privilege escalation attempt
RuleID : 41933 - Revision : 2 - Type : FILE-OTHER
2017-04-12Microsoft Windows Uniscribe privilege escalation attempt
RuleID : 41932 - Revision : 2 - Type : FILE-OTHER
2017-03-14Microsoft Windows GDI invalid EMF cbBitsSrc memory disclosure attempt
RuleID : 41596 - Revision : 5 - Type : OS-WINDOWS
2017-03-14Microsoft Windows GDI invalid EMF cbBitsSrc memory disclosure attempt
RuleID : 41595 - Revision : 5 - Type : OS-WINDOWS
2017-03-14Microsoft Windows GDI privilege escalation attempt
RuleID : 41592 - Revision : 4 - Type : OS-WINDOWS
2017-03-14Microsoft Windows GDI privilege escalation attempt
RuleID : 41591 - Revision : 4 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2017-06-14Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms17_jun_windows8.nasl - Type : ACT_GATHER_INFO
2017-03-17Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms17-013.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/96023
CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0038
EXPLOIT-DB https://www.exploit-db.com/exploits/41363/
MISC https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=992
https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
SECTRACK http://www.securitytracker.com/id/1037845

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
DateInformations
2017-09-01 09:24:53
  • Multiple Updates
2017-07-25 09:23:09
  • Multiple Updates
2017-03-28 09:20:00
  • Multiple Updates
2017-03-18 13:24:38
  • Multiple Updates
2017-03-18 09:24:24
  • Multiple Updates
2017-03-16 09:24:11
  • Multiple Updates
2017-03-08 09:24:13
  • Multiple Updates
2017-03-06 09:24:42
  • Multiple Updates
2017-02-20 21:25:11
  • First insertion