CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-3343
https://notcve.org/view.php?id=CVE-2016-3343
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, and CVE-2016-7184. El controlador Common Log File System (CLFS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Common Log File System Driver Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342 y CVE-2016-7184. • http://www.securityfocus.com/bid/94007 http://www.securitytracker.com/id/1037252 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-7214
https://notcve.org/view.php?id=CVE-2016-7214
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka "Win32k Information Disclosure Vulnerability." Los controladores kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales eludir el mecanismo de protección ASLR a través de una aplicación manipulada, vulnerabilidad también conocida como "Win32k Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/93991 http://www.securitytracker.com/id/1037251 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 2%CPEs: 12EXPL: 0CVE-2016-7210
https://notcve.org/view.php?id=CVE-2016-7210
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site, aka "Open Type Font Information Disclosure Vulnerability." atmfd.dll en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a atacantes remotos obtener información sensible de memoria de proceso a través de una fuente Open Type manipulada en un sitio web, vulnerabilidad también conocida como "Open Type Font Information Disclosure Vulnerability". • http://www.securityfocus.com/archive/1/539734/100/0/threaded http://www.securityfocus.com/bid/94030 http://www.securitytracker.com/id/1037243 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-132 https://secuniaresearch.flexerasoftware.com/secunia_research/2016-16 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-0026
https://notcve.org/view.php?id=CVE-2016-0026
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. El controlador Common Log File System (CLFS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Common Log File System Driver Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343 y CVE-2016-7184. • http://www.securityfocus.com/bid/93998 http://www.securitytracker.com/id/1037252 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-3340
https://notcve.org/view.php?id=CVE-2016-3340
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. El controlador Common Log File System (CLFS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como "Windows Common Log File System Driver Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3342, CVE-2016-3343 y CVE-2016-7184. • http://www.securityfocus.com/bid/94010 http://www.securitytracker.com/id/1037252 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •