Page 22 of 198 results (0.214 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2016-5647

https://notcve.org/view.php?id=CVE-2016-5647

The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash) or gain privileges via a crafted D3DKMTEscape request. El módulo igdkmd64 en el Intel Graphics Driver hasta la versión 15.33.42.435, 15.36.x hasta la versión 15.36.30.4385 y 15.40.x hasta la versión 15.40.4404 en Windows pernute a usuarios locales provocar una denegación de servicio (caída) u obtener privilegios a través de una petición D3DKMTEscape manipulada. • http://www.securityfocus.com/bid/91708 http://www.talosintelligence.com/reports/TALOS-2016-0087 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00054&languageid=en-fr https://support.lenovo.com/us/en/product_security/ps500068 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1

CVE-2016-7225 – Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)

https://notcve.org/view.php?id=CVE-2016-7225

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." Virtual Hard Disk Driver en Windows 10 Gold, 1511 y 1607 y Windows Server 2016 no restringe adecuadamente el acceso a archivos, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "VHD Driver Elevation of Privilege Vulnerability". • https://www.exploit-db.com/exploits/40764 http://www.securityfocus.com/bid/94016 http://www.securitytracker.com/id/1037248 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138 • CWE-284: Improper Access Control •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 1

CVE-2016-7224 – Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138)

https://notcve.org/view.php?id=CVE-2016-7224

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." Virtual Hard Disk Driver en Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 no restringe adecuadamente el acceso a archivos, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "VHD Driver Elevation of Privilege Vulnerability". The VHDMP driver does not open physical disk drives securely when creating a new VHD leading to information disclosure and elevation of privilege by allowing a user to access data they should not have access to. • https://www.exploit-db.com/exploits/40765 http://www.securityfocus.com/bid/94017 http://www.securitytracker.com/id/1037248 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138 • CWE-284: Improper Access Control •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1

CVE-2016-7226 – Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)

https://notcve.org/view.php?id=CVE-2016-7226

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." Virtual Hard Disk Driver en Windows 10 Gold, 1511 y 1607 y Windows Server 2016 no restringe adecuadamente el acceso a archivos, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "VHD Driver Elevation of Privilege Vulnerability". The VHDMP driver does not safely create files related to Resilient Change Tracking leading to arbitrary file overwrites under user control leading to elevation of privilege. • https://www.exploit-db.com/exploits/40763 http://www.securityfocus.com/bid/94018 http://www.securitytracker.com/id/1037248 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138 • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 6

CVE-2016-7255 – Microsoft Win32k Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2016-7255

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Los controladores kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Win32k Elevation of Privilege Vulnerability". The Microsoft Windows kernel suffers from a denial of service vulnerability as outlined in MS16-135. Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. • https://www.exploit-db.com/exploits/40745 https://www.exploit-db.com/exploits/41015 https://www.exploit-db.com/exploits/40823 https://github.com/FSecureLABS/CVE-2016-7255 https://github.com/heh3/CVE-2016-7255 https://github.com/homjxi0e/CVE-2016-7255 http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html http:&#x • CWE-264: Permissions, Privileges, and Access Controls •