FortiClient VulnerabilityMicrosoft Color Management CVE-2017-0063 Information Disclosure Vulnerability
Description
Multiple information disclosure vulnerabilities exist in the way that the Color Management Module (ICM32.dll) handles objects in memory. These vulnerabilities allow an attacker to retrieve information to bypass usermode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.
Affected Applications
Windows 10
Windows 7
Windows 8
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Server 2016
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
CVE References
CVE-2017-0063Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0063| ID | 35543 |
| Created | Jul 11, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows 10 , Windows 7 , Windows 8 , Windows RT 8.1 , Windows Server 2008 , Windows Server 2012 , Windows Server 2016 , Windows Vista Service Pack 2 , Windows Vista x64 Edition Service Pack 2 |