Microsoft Windows GDI Information Disclosure Vulnerability



A vulnerability in the Graphics Device Interface (GDI) component of Microsoft Windows could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.

The vulnerability exists because the affected software performs improper memory operations that could result in the disclosure of memory contents. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to access sensitive information, which could be used to conduct additional attacks.

Microsoft confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-0614

Source:: Cisco Multivendor Vulnerability Alerts