virus logo FortiClient Vulnerability

Microsoft Windows GDI+ CVE-2017-8676 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.

affected-products-logoAffected Applications

Microsoft Live Meeting 2007 Add-in
Microsoft Live Meeting 2007 Console
Microsoft Lync 2010 (32-bit)
Microsoft Lync 2010 (64-bit)
Microsoft Lync 2010 Attendee (admin level install)
Microsoft Lync 2010 Attendee (user level install)
Microsoft Lync 2013 Service Pack 1 (32-bit)
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Lync Basic 2013 Service Pack 1 (32-bit)
Microsoft Lync Basic 2013 Service Pack 1 (64-bit)
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2016 for Mac
Microsoft Office Word Viewer
Microsoft Office for Mac 2011
Skype for Business 2016 (32-bit)
Skype for Business 2016 (64-bit)
Skype for Business 2016 Basic (32-bit)
Skype for Business 2016 Basic (64-bit)
Windows 10
Windows 7
Windows 8
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Server 2016

CVE References

CVE-2017-8676

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-8676
ID 36612
Created Jul 11, 2018
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Live Meeting 2007 Add-in , Microsoft Live Meeting 2007 Console , Microsoft Lync 2010 (32-bit) , Microsoft Lync 2010 (64-bit) , Microsoft Lync 2010 Attendee (admin level install) , Microsoft Lync 2010 Attendee (user level install) , Microsoft Lync 2013 Service Pack 1 (32-bit) , Microsoft Lync 2013 Service Pack 1 (64-bit) , Microsoft Lync Basic 2013 Service Pack 1 (32-bit) , Microsoft Lync Basic 2013 Service Pack 1 (64-bit) , Microsoft Office 2007 Service Pack 3 , Microsoft Office 2010 Service Pack 2 (32-bit editions) , Microsoft Office 2010 Service Pack 2 (64-bit editions) , Microsoft Office 2016 for Mac , Microsoft Office Word Viewer , Microsoft Office for Mac 2011 , Skype for Business 2016 (32-bit) , Skype for Business 2016 (64-bit) , Skype for Business 2016 Basic (32-bit) , Skype for Business 2016 Basic (64-bit) , Windows 10 , Windows 7 , Windows 8 , Windows RT 8.1 , Windows Server 2008 , Windows Server 2012 , Windows Server 2016