Out-of-bounds read information disclosure vulnerability in Microsoft Windows GDI+ EMR_STRETCHDIBITS record (again)
28 May 2022 at 09:14
An information disclosure vulnerability (CVE-2022-38006) exists when the Windows GDI+ component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the userβs system.