Hyper-V Information Disclosure Vulnerability - CVE-2017-0168ID: oval:org.secpod.oval:def:39765 | Date: (C)2017-04-12 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information.An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how the Windows Hyper-V Network Switch validates guest operating system user input.
Platform: |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |