Unrated severityNVD Advisory· Published Aug 15, 2018· Updated Aug 5, 2024

CVE-2018-8397

Description

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Affected products

Microsoft/Windows Graphics Device Interfacellm-fuzzy
Range: Windows 7, Windows Server 2008, Windows Server 2008 R2
Microsoft/Windows 7cpe-rescue
Range: 32-bit Systems Service Pack 1
Microsoft/Windows Server 2008cpe-rescue2 versions
32-bit Systems Service Pack 2+ 1 more
- (no CPE)range: 32-bit Systems Service Pack 2
- (no CPE)range: Itanium-Based Systems Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/104994mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041460mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8397mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.029
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000