CVE-2017-0005

HighKnown Exploited

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows…

microsoft·NVD-CWE-noinfo·Published 2017-03-17

CVSS

7.8

EPSS

0.11

KEV

Yes

Exploits

cve.orgen

442 chars

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047.

NVDen

442 chars

NVDes

483 chars

La Graphics Device Interface (GDI) en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows GDI Elevation of Privilege Vulnerability". Esta vulnerabilidad es distinta de aquellas descritas en CVE-2017-0001, CVE-2017-0025 y CVE-2017-0047.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.9	3.4	10.0	AV:L/AC:M/Au:N/C:C/I:C/A:C
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H