CVE-2017-0038

Published: Feb 20, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220.

Affected (12)

Products: Microsoft: Windows 10, Windows 7, Windows 8.1, Windows Rt 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Vista

8 products

Windows Server 2008

Windows Server 2012

Windows Server 2016

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 10	All versions
Microsoft Windows 10	Version 1511
Microsoft Windows 10	Version 1607
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	All versions
Microsoft Windows Server 2012	Version r2
Microsoft Windows Server 2016	All versions
Microsoft Windows Vista	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

http://www.securityfocus.com/bid/96023

Source: secure@microsoft.com

http://www.securitytracker.com/id/1037845

Source: secure@microsoft.com

https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html

Source: secure@microsoft.com

Issue TrackingPatchThird Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=992

Source: secure@microsoft.com

PatchThird Party Advisory

https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS

Source: secure@microsoft.com

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0038

Source: secure@microsoft.com

https://www.exploit-db.com/exploits/41363/

Source: secure@microsoft.com

http://www.securityfocus.com/bid/96023

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1037845

Source: af854a3a-2127-422b-91ae-364da2661108

https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=992

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS

Source: af854a3a-2127-422b-91ae-364da2661108

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0038

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/41363/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.