
CVSS: 5.5 • EPSS: 0% • CPEs: 12 • EXPL: 0

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from process memory via a crafted application, aka "Windows Common Log File System Driver Information Disclosure Vulnerability."

• http://www.securityfocus.com/bid/94787
• http://www.securitytracker.com/id/1037454
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-153
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.8 • EPSS: 0% • CPEs: 12 • EXPL: 0

The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

• http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html
• http://packetstormsecurity.com/files/140172/Microsoft-Windows-Type-1-Font-Processing-Privilege-Escalation.html
• http://www.securityfocus.com/archive/1/539919/100/0/threaded
• http://www.securityfocus.com/bid/94771
• http://www.securitytracker.com/id/1037452
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-151
• CWE-19: Data Processing Errors

CVSS: 9.3 • EPSS: 89% • CPEs: 12 • EXPL: 0

The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file or folder. The specific flaw exists within the processing of icon files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory.

• http://www.securityfocus.com/bid/94739
• http://www.securitytracker.com/id/1037438
• http://www.zerodayinitiative.com/advisories/ZDI-16-645
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-146
• CWE-19: Data Processing Errors

CVSS: 5.5 • EPSS: 0% • CPEs: 19 • EXPL: 1

An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity, aka 'Windows Event Viewer Information Disclosure Vulnerability'.

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Event Viewer. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose the contents of files in the context of the current user.

• https://www.exploit-db.com/exploits/40863
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948
• https://www.zerodayinitiative.com/advisories/ZDI-19-641
• CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 9.3 • EPSS: 53% • CPEs: 10 • EXPL: 0

Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Animation Manager Memory Corruption Vulnerability."

• http://www.securityfocus.com/bid/94033
• http://www.securitytracker.com/id/1037243
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-132
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer