CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2016-0070 – Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
https://notcve.org/view.php?id=CVE-2016-0070
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace una llamada API para acceder a información sensible en el registro, vulnerabilidad también conocida como "Windows Kernel Local Elevation of Privilege Vulnerability". Windows Kernel Registry Hive loading suffers from a negative RtlMoveMemory size in nt!CmpCheckValueList. • https://www.exploit-db.com/exploits/40600 http://www.securityfocus.com/bid/93354 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-124 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 1CVE-2016-0073 – Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124)
https://notcve.org/view.php?id=CVE-2016-0073
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0075. El kernel en Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace una llamada API para acceder a información sensible en el registro, vulnerabilidad también conocida como "Windows Kernel Local Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0075. The Windows DeviceApi CMApi PnpCtxRegOpenCurrentUserKey function doesn't check the impersonation level of the current effective token allowing a normal user to create arbitrary registry keys in another user's loaded hive leading to elevation of privilege. • https://www.exploit-db.com/exploits/40574 http://www.securityfocus.com/bid/93355 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-124 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2016-0075 – Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
https://notcve.org/view.php?id=CVE-2016-0075
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0073. El kernel en Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace una llamada API para acceder a información sensible en el registro, vulnerabilidad también conocida como "Windows Kernel Local Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0073. The Windows DeviceApi CMApi PiCMOpenClassKey IOCTL allows a normal user to create arbitrary registry keys in the system hive leading to elevation of privilege. • https://www.exploit-db.com/exploits/40573 http://www.securityfocus.com/bid/93356 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-124 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 28%CPEs: 11EXPL: 0CVE-2016-3266
https://notcve.org/view.php?id=CVE-2016-3266
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3376, CVE-2016-7185, and CVE-2016-7211. Los drivers kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permiten a usuarios locales obtener privilegios a través de una aplicación manipulada, una vulnerabilidad también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-3376, CVE-2016-7185 y CVE-2016-7211. • http://www.securityfocus.com/bid/93384 http://www.securitytracker.com/id/1036996 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-123 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 49%CPEs: 19EXPL: 0CVE-2016-3263
https://notcve.org/view.php?id=CVE-2016-3263
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "GDI+ Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3262. Graphics Device Interface (también conocido como GDI o GDI+) en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; Windows 10 Gold, 1511 y 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee y Live Meeting 2007 Console permite a atacantes remotos eludir el mecanismo de protección ASLR a través de vectores no especificados, vulnerabilidad también conocida como "GDI+ Information Disclosure Vulnerability", una vulnerabilidad diferente a CVE-2016-3262. • http://www.securityfocus.com/bid/93394 http://www.securitytracker.com/id/1036988 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •