VYPR
Medium severity5.3NVD Advisory· Published Mar 17, 2017· Updated Jun 17, 2026

CVE-2017-0061

CVE-2017-0061

Description

The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a crafted website, aka "Microsoft Color Management Information Disclosure Vulnerability." This vulnerability is different from that described in CVE-2017-0063.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows2 versions
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
    • (no CPE)range: Vista SP2, Server 2008 SP2 and R2, 7 SP1
  • Range: Vista SP2, Server 2008 SP2 and R2, 7 SP1
  • Microsoft Corporation/Color Managementv5
    Range: The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.