CVE-2018-1037

medium

Description

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

References

Advisories
More

http://www.securitytracker.com/id/1040664

http://www.securityfocus.com/bid/103715

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1037

Details

Source: Mitre, NVD

Published: 2018-04-12

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.03618