CVE-2017-0058

MEDIUM

Windows - Information Disclosure in Win32k Component

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0058. PoCs published by Google Security Research.

AI-analyzed exploit summary: The writeup details two bugs in win32k!NtGdiGetDIBitsInternal: a double-fetch leading to kernel pool memory disclosure and an unhandled out-of-bounds write causing DoS. No exploit code is provided, only analysis and crash logs.

Description

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED
by Google Security Research · text · dos · windows
https://www.exploit-db.com/exploits/41879

Classification: Writeup 100%
Attack Type: DoS | Info Leak
Complexity: Moderate
Reliability: Theoretical
Target: Microsoft Windows (win32k.sys)
No auth needed
Prerequisites: Ability to invoke NtGdiGetDIBitsInternal syscall · Special Pools enabled for win32k.sys (for reliable crash)
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97462
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41879/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038239

Scores

CVSS v3 4.7
EPSS 0.0365
EPSS Percentile 88.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-200
Status published
Products (14)
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
... and 4 more
Published Apr 12, 2017
Tracked Since Feb 18, 2026