First published: Thu Apr 12 2018(Updated: )
An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Visual Studio | =2010-sp1 | |
Microsoft Visual Studio | =2012-update5 | |
Microsoft Visual Studio | =2013-update5 | |
Microsoft Visual Studio | =2015-update3 | |
Microsoft Visual Studio | =2017 | |
Microsoft Visual Studio 2017 | =15.6.6 | |
Microsoft Visual Studio 2017 | =15.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-1037 is an information disclosure vulnerability that exists when Visual Studio improperly discloses limited contents of uninitialized memory.
CVE-2018-1037 affects Microsoft Visual Studio.
CVE-2018-1037 has a severity level of 4.3 (medium).
Microsoft Visual Studio 2010 SP1, 2012 Update 5, 2013 Update 5, 2015 Update 3, and 2017 are affected by CVE-2018-1037.
Apply the necessary security updates provided by Microsoft to fix CVE-2018-1037.