{"containers": {"cna": {"affected": [{"product": "Windows Server 2016", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "(Server Core installation)"}]}, {"product": "Windows 10", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Version 1607 for 32-bit Systems"}, {"status": "affected", "version": "Version 1607 for x64-based Systems"}, {"status": "affected", "version": "Version 1703 for 32-bit Systems"}, {"status": "affected", "version": "Version 1703 for x64-based Systems"}, {"status": "affected", "version": "Version 1709 for 32-bit Systems"}, {"status": "affected", "version": "Version 1709 for x64-based Systems"}, {"status": "affected", "version": "Version 1803 for 32-bit Systems"}, {"status": "affected", "version": "Version 1803 for x64-based Systems"}]}, {"product": "Windows 10 Servers", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "version 1709 (Server Core Installation)"}, {"status": "affected", "version": "version 1803 (Server Core Installation)"}]}], "datePublic": "2018-06-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \"Windows GDI Information Disclosure Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-15T09:57:01.000Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "104401", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104401"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239"}, {"name": "1041102", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2018-8239", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Windows Server 2016", "version": {"version_data": [{"version_value": "(Server Core installation)"}]}}, {"product_name": "Windows 10", "version": {"version_data": [{"version_value": "Version 1607 for 32-bit Systems"}, {"version_value": "Version 1607 for x64-based Systems"}, {"version_value": "Version 1703 for 32-bit Systems"}, {"version_value": "Version 1703 for x64-based Systems"}, {"version_value": "Version 1709 for 32-bit Systems"}, {"version_value": "Version 1709 for x64-based Systems"}, {"version_value": "Version 1803 for 32-bit Systems"}, {"version_value": "Version 1803 for x64-based Systems"}]}}, {"product_name": "Windows 10 Servers", "version": {"version_data": [{"version_value": "version 1709 (Server Core Installation)"}, {"version_value": "version 1803 (Server Core Installation)"}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \"Windows GDI Information Disclosure Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "104401", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104401"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239"}, {"name": "1041102", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041102"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:46:13.825Z"}, "title": "CVE Program Container", "references": [{"name": "104401", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104401"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239"}, {"name": "1041102", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041102"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2018-8239", "datePublished": "2018-06-14T12:00:00.000Z", "dateReserved": "2018-03-14T00:00:00.000Z", "dateUpdated": "2024-08-05T06:46:13.825Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*", "matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \"Windows GDI Information Disclosure Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando el componente Windows GDI no muestra correctamente los contenidos de su memoria. Esto tambi\u00e9n se conoce como \"Windows GDI Information Disclosure Vulnerability\". Esto afecta a Windows Server 2016, Windows 10 y Windows 10 Servers."}], "id": "CVE-2018-8239", "lastModified": "2024-11-21T04:13:29.060", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-14T12:29:02.193", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104401"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041102"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8239"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}