vulnerability

Microsoft Windows: CVE-2017-0063:

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Mar 14, 2017
Added
Mar 14, 2017
Modified
Sep 11, 2024

Description

The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a crafted website, aka "Microsoft Color Management Information Disclosure Vulnerability." This vulnerability is different from that described in CVE-2017-0061.

Solution(s)

microsoft-windows-windows_10-1507-kb4012606microsoft-windows-windows_10-1511-kb4013198microsoft-windows-windows_10-1607-kb4013429microsoft-windows-windows_server_2012_r2-kb4012213microsoft-windows-windows_server_2016-1607-kb4013429msft-kb4012212-13c36c25-fee4-429f-933e-f93ebfbb91f5msft-kb4012212-36e1591a-f6d3-44d2-aa25-540234b7eb36msft-kb4012212-4ee6f09d-38d9-47ef-8ba9-dd802352b8eemsft-kb4012212-652eea96-c2e8-4548-8f9a-40964e5e6a74msft-kb4012212-c682d11d-fc2e-4852-9da7-c2198958bf6cmsft-kb4012212-fb31138f-b6a5-499c-9eb6-5b5f9fff6bfdmsft-kb4012213-317ca43c-7dfe-4e04-8a21-2c6c4ab4fbb9msft-kb4012213-5d351df3-6efb-4b17-93e0-b0e3a5babbc3msft-kb4012584-141a8898-360a-47f4-a958-74f54c4e77b3msft-kb4012584-176cbd00-9a76-40c0-bee4-fea6cb6f553cmsft-kb4012584-6c7474f4-ccb5-418b-8337-fb4108ae1a26msft-kb4012584-8c96ce7e-5c8b-4a7e-a137-751ecbc0bae3msft-kb4012584-d5a116c1-9aef-474a-94b7-c6b9415d2812msft-kb4012584-effbab6a-de82-43aa-8b8c-55dc72ab5864
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.