1. Home
  2. CVE Database
  3. CVE-2017-0058
MEDIUM · 4.7

CVE-2017-0058

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability cou...

Vulnerability Description

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability."

CVSS Score

4.7

MEDIUM

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
MicrosoftWindows 10All versions
MicrosoftWindows 7All versions
MicrosoftWindows 8.1All versions
MicrosoftWindows Rt 8.1All versions
MicrosoftWindows Server 2008All versions
MicrosoftWindows Server 2012All versions
MicrosoftWindows Server 2016All versions
MicrosoftWindows VistaAll versions

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2017-0058?

CVE-2017-0058 is a vulnerability with a CVSS score of 4.7 (MEDIUM). A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability cou...

How severe is CVE-2017-0058?

CVE-2017-0058 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-0058?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows Rt 8.1, Microsoft Windows Server 2008.