4.3

CVE-2018-1037

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

Data is provided by the National Vulnerability Database (NVD)
MicrosoftVisual Studio Version2010 Updatesp1
MicrosoftVisual Studio Version2012 Updateupdate5
MicrosoftVisual Studio Version2013 Updateupdate5
MicrosoftVisual Studio Version2015 Updateupdate3
MicrosoftVisual Studio Version2017
MicrosoftVisual Studio 2017 Version15.6.6
MicrosoftVisual Studio 2017 Version15.7 Editionpreview
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 9.47% 0.925
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.