Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1.9
CVSSv2

CVE-2017-8481

Published: 15/06/2017 Updated: 19/03/2019
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 5 | Impact Score: 3.6 | Exploitability Score: 1.3
VMScore: 195
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Microsoft

Vulnerability Summary

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated malicious user to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8480, CVE-2017-8479, CVE-2017-8478, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows rt 8.1 -

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows 10 -

microsoft windows 10 1511

microsoft windows 10 1607

microsoft windows 7 -

microsoft windows server 2012 -

microsoft windows 10 1703

microsoft windows 8.1 -

microsoft windows server 2012 r2

microsoft windows server 2016 -

Exploits

Exploit DB: Microsoft Windows - 'nt!NtQueryInformationResourceManager (information class 0)' Kernel Stack Memory Disclosure
/* Source: bugschromiumorg/p/project-zero/issues/detail?id=1207 We have discovered that the nt!NtQueryInformationResourceManager system call called with the 0 information class discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windows 10 The specific name of the 0 information class or the lay ...

References

CWE-200https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8481http://www.securityfocus.com/bid/98862http://www.securitytracker.com/id/1038659https://www.exploit-db.com/exploits/42242/https://nvd.nist.govhttps://www.exploit-db.com/exploits/42242/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook