漏洞标题
Windows图形组件信息泄露漏洞
漏洞描述信息
当Windows GDI组件不正确披露其内存内容时,存在信息泄露漏洞,也被称为“Windows图形组件信息泄露漏洞”。此CVE ID与CVE-2019-1154和CVE-2019-1158唯一。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
Windows Graphics Component Information Disclosure Vulnerability
漏洞描述信息
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.
The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
Microsoft Windows和Windows Server Graphics Device Interface 信息泄露漏洞
漏洞描述信息
Microsoft Windows和Microsoft Windows Server都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Windows Graphics Device Interface(GDI)是其中的一个图形设备接口。 Microsoft Windows GDI中的EMF图形的解析存在信息泄露漏洞。攻击者可借助带有特制数据的EMF图形利用该漏洞获取敏感信息。以
CVSS信息
N/A
漏洞类别
信息泄露