CVE-2016-7212
https://notcve.org/view.php?id=CVE-2016-7212
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Code Execution Vulnerability." Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a atacantes remotos ejecutar código arbitrario a través de un archivo de imagen manipulado, vulnerabilidad también conocida como "Windows Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/94027 http://www.securitytracker.com/id/1037241 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-130 • CWE-284: Improper Access Control •
CVE-2016-7221
https://notcve.org/view.php?id=CVE-2016-7221
Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via unspecified vectors, aka "Windows IME Elevation of Privilege Vulnerability." Input Method Editor (IME) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 no maneja adecuadamente la carga de DLL, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados, vulnerabilidad también conocida como "Windows IME Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/94021 http://www.securitytracker.com/id/1037241 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-130 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-3332
https://notcve.org/view.php?id=CVE-2016-3332
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. El controlador Common Log File System (CLFS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Common Log File System Driver Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0026, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343 y CVE-2016-7184. • http://www.securityfocus.com/bid/94008 http://www.securitytracker.com/id/1037252 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7223
https://notcve.org/view.php?id=CVE-2016-7223
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." Virtual Hard Disk Driver en Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 no restringe adecuadamente el acceso a archivos, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "VHD Driver Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/94003 http://www.securitytracker.com/id/1037248 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138 • CWE-284: Improper Access Control •
CVE-2016-3333
https://notcve.org/view.php?id=CVE-2016-3333
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. El controlador Common Log File System (CLFS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Common Log File System Driver Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0026, CVE-2016-3332, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343 y CVE-2016-7184. • http://www.securityfocus.com/bid/94009 http://www.securitytracker.com/id/1037252 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •