Medium severity5.5NVD Advisory· Published Sep 13, 2017· Updated May 13, 2026
CVE-2017-8688
CVE-2017-8688
Description
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8685.
Affected products
1- Microsoft Corporation/Windows GDI+v5Range: Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8688nvdPatchVendor Advisory
- www.securityfocus.com/bid/100756nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039338nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.