Out-of-bounds read information disclosure vulnerability in Microsoft Windows GDI+ EMR_STRETCHDIBITS record (again)
An information disclosure vulnerability (CVE-2022-38006) exists when the Windows GDI+ component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the userβs system.