Test ID:	1.3.6.1.4.1.25623.1.0.810811
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Graphics Component Multiple Vulnerabilities (4013075)
Summary:	This host is missing a critical security; update according to Microsoft Bulletin MS17-013.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS17-013. Vulnerability Insight: Multiple flaws are due to - The way the Windows Graphics Device Interface (GDI) handles objects in memory. - The Windows GDI component improperly discloses the contents of its memory. - The way that the Color Management Module (ICM32.dll) handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to perform remote code execution, gain access to potentially sensitive information and gain elevated privileges. Affected Software/OS: - Microsoft Windows 8 x86/x64 - Microsoft Windows XP SP2 x64 / SP3 x86 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 10/1511/1607 x32/x64 - Microsoft Windows Server 2012/2012R2/2016 - Microsoft Windows Vista x32/x64 Edition Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 - Microsoft Windows 7 x32/x64 Edition Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0001 BugTraq ID: 96057 http://www.securityfocus.com/bid/96057 http://www.securitytracker.com/id/1038002 Common Vulnerability Exposure (CVE) ID: CVE-2017-0005 BugTraq ID: 96033 http://www.securityfocus.com/bid/96033 Common Vulnerability Exposure (CVE) ID: CVE-2017-0025 BugTraq ID: 96626 http://www.securityfocus.com/bid/96626 Common Vulnerability Exposure (CVE) ID: CVE-2017-0047 BugTraq ID: 96034 http://www.securityfocus.com/bid/96034 Common Vulnerability Exposure (CVE) ID: CVE-2017-0060 BugTraq ID: 96713 http://www.securityfocus.com/bid/96713 https://www.exploit-db.com/exploits/41656/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0062 BugTraq ID: 96715 http://www.securityfocus.com/bid/96715 https://www.exploit-db.com/exploits/41658/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0073 BugTraq ID: 96637 http://www.securityfocus.com/bid/96637 Common Vulnerability Exposure (CVE) ID: CVE-2017-0061 BugTraq ID: 96638 http://www.securityfocus.com/bid/96638 https://www.exploit-db.com/exploits/41657/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0063 BugTraq ID: 96643 http://www.securityfocus.com/bid/96643 https://www.exploit-db.com/exploits/41659/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0038 BugTraq ID: 96023 http://www.securityfocus.com/bid/96023 https://www.exploit-db.com/exploits/41363/ https://0patch.blogspot.com/2017/02/0patching-0-day-windows-gdi32dll-memory.html https://bugs.chromium.org/p/project-zero/issues/detail?id=992 https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS http://www.securitytracker.com/id/1037845 Common Vulnerability Exposure (CVE) ID: CVE-2017-0108 BugTraq ID: 96722 http://www.securityfocus.com/bid/96722 https://www.exploit-db.com/exploits/41647/ Common Vulnerability Exposure (CVE) ID: CVE-2017-0014 BugTraq ID: 96013 http://www.securityfocus.com/bid/96013 https://secuniaresearch.flexerasoftware.com/secunia_research/2017-9/
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.