Medium severity4.4NVD Advisory· Published May 12, 2017· Updated May 13, 2026

CVE-2017-0190

Description

The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."

Affected products

Microsoft Corporation/Microsoft Windowsv5
Range: Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0190nvdPatchVendor Advisory
www.securityfocus.com/bid/98298nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038451nvd

News mentions

No linked articles in our index yet.

cvss	0.286
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000