Vulnerability Details CVE-2018-1037
An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.5%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/103715
- http://www.securitytracker.com/id/1040664
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1037
- http://www.securityfocus.com/bid/103715
- http://www.securitytracker.com/id/1040664
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1037
Products affected by CVE-2018-1037
-
cpe:2.3:a:microsoft:visual_studio:2010
-
cpe:2.3:a:microsoft:visual_studio:2012
-
cpe:2.3:a:microsoft:visual_studio:2013
-
cpe:2.3:a:microsoft:visual_studio:2015
-
cpe:2.3:a:microsoft:visual_studio:2017
-
cpe:2.3:a:microsoft:visual_studio_2017:15.6.6
-
cpe:2.3:a:microsoft:visual_studio_2017:15.7