Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8596: Windows GDI Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2018-8596: Windows GDI Information Disclosure Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

12/11/2018

Created

03/19/2019

Added

12/11/2018

Modified

11/18/2021

Description

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.

Solution(s)

msft-kb4471319-3b63c573-e760-4b64-8b0c-b41b09d0c04e
msft-kb4471319-d7b224d2-3ed1-452b-b5fb-3c57644e6edb
msft-kb4471319-df6d8a77-d088-4e9c-95b6-6eb2c4b28ab2
msft-kb4471321-1f82da30-7a0c-4189-8206-b8bd846fc40a
msft-kb4471321-7df4436e-0ced-46c1-885f-8b7f28c90b57
msft-kb4471321-d8cbc402-b6d7-4dee-afea-4cd24f17f7a9
msft-kb4471322-39654137-cb30-429e-b09a-2c39055716c1
msft-kb4471322-9640d47a-8c7c-41b1-aadf-fd395f1e88e7
msft-kb4471322-ef16ea25-025f-4781-b5b2-1b10037c0bf6
msft-kb4471323-0442e432-26cc-4a49-83fe-58f23a8faf88
msft-kb4471323-1f48ea87-9464-4a31-8b37-97bd8be11607
msft-kb4471324-0e2209a8-b313-4182-a691-bc0359625c49
msft-kb4471324-9ba7b397-2fd3-4ba9-bfee-3ed1dd3eb602
msft-kb4471324-b00ee170-59ea-4273-b954-98e3cdc792e2
msft-kb4471326-64108385-ce77-40f4-bd2c-e26ee53ea94a
msft-kb4471326-74621895-db6f-4e45-9013-2951b4bab044
msft-kb4471326-97d2cd9d-1d32-4fbc-b49d-d068f0e7adc9
msft-kb4471327-3cf458e0-ccb2-4d2b-aedb-ec7c5662ed3f
msft-kb4471327-d3230f4d-8567-48b1-84a5-01a6297f6c0d
msft-kb4471328-2ba588ed-ee5a-4e23-87fe-ee2c66364f56
msft-kb4471328-5a2ac57b-10da-460f-bc0e-83034074c293
msft-kb4471328-68bfcb28-4719-4baf-9183-d9952f6b613f
msft-kb4471328-d3c0ddcf-bea9-42e1-97f8-f6dbdd1df6b1
msft-kb4471328-e65f4aeb-c84f-4a37-bb62-083dfac7c6eb
msft-kb4471328-f8033a1b-bc42-40db-ab0d-427eb5de19ca
msft-kb4471329-4596bf15-3446-45d2-b7ee-f8f13d8975c8
msft-kb4471329-8397c215-e9e9-4016-9c86-a53138d613ad
msft-kb4471329-d0c3a1b3-42d6-447b-b120-4553beaa0b0b
msft-kb4471332-3761d6e6-6044-4ef8-968e-cb9b2f4e278b
msft-kb4471332-6e676d6c-db05-4979-b1ab-0aa1e81413ee
msft-kb4471332-a065b5b1-6a82-42e6-9f77-3f1cd1467717

References

https://attackerkb.com/topics/cve-2018-8596
CVE - 2018-8596
4471318
4471319
4471320
4471321
4471322
4471323
4471324
4471325
4471326
4471327
4471328
4471329
4471330
4471332

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8596: Windows GDI Information Disclosure Vulnerability

Microsoft CVE-2018-8596: Windows GDI Information Disclosure Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.