4.3
CVE-2018-1037
- EPSS 9.47%
- Published 12.04.2018 01:29:10
- Last modified 21.11.2024 03:59:02
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Visual Studio Version2010 Updatesp1
Microsoft ≫ Visual Studio Version2012 Updateupdate5
Microsoft ≫ Visual Studio Version2013 Updateupdate5
Microsoft ≫ Visual Studio Version2015 Updateupdate3
Microsoft ≫ Visual Studio Version2017
Microsoft ≫ Visual Studio 2017 Version15.6.6
Microsoft ≫ Visual Studio 2017 Version15.7 Editionpreview
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 9.47% | 0.925 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
|
nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.