CVE-2018-8563

EUVD-2018-20180
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2008 R2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_7
-
microsoftwindows_7
-
microsoftwindows_8.1
-
microsoftwindows_rt_8.1
-
microsoftwindows_server_2012
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 7
Service Pack 1 (x64, x86)
KB4467107
Windows 8.1
(x64, x86)
KB4467703
Windows RT 8.1
All
KB4467697
Windows Server 2008 R2
Service Pack 1 (x64)
KB4467107
Service Pack 1 Server Core (x64)
KB4467107
Windows Server 2012
Server Core
KB4467701
Standard
KB4467701
Windows Server 2012 R2
Server Core
KB4467703
Standard
KB4467703
References
http://www.securityfocus.com/bid/105778
http://www.securitytracker.com/id/1042135
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8563
http://www.securityfocus.com/bid/105778
http://www.securitytracker.com/id/1042135
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8563