← Back

CVE-2018-1037

nvd nist
Published: Apr 12, 2018Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

Affected (7)

Microsoft
2 products
Visual Studio
Visual Studio 2017
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Visual Studio
Version 2010 sp1
Visual Studio
Version 2012 update5
Visual Studio
Version 2013 update5
Visual Studio
Version 2015 update3
Visual Studio
Version 2017
Microsoft
Visual Studio 2017
Version 15.6.6
Visual Studio 2017
Version 15.7

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (6)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.