Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files. An attacker who took advantage of this information disclosure could view uninitialized memory from the Visual Studio instance used to compile the PDB file.

affected-products-logoAffected Applications

Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2012 Update 5
Microsoft Visual Studio 2013 Update 5
Microsoft Visual Studio 2015 Update 3
Microsoft Visual Studio 2017
Microsoft Visual Studio 2017 Version 15.6.6
Microsoft Visual Studio 2017 Version 15.7 Preview

CVE References

CVE-2018-1037