CVSS: 4.3EPSS: 5%CPEs: 10EXPL: 1CVE-2016-3216 – Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds Reads/Memory Disclosure (MS16-074)
https://notcve.org/view.php?id=CVE-2016-3216
GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows Graphics Component Information Disclosure Vulnerability." GDI32.dll en el componente Graphics en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a atacantes remotos eludir el mecanismo de protección ASLR a través de vectores no especificados, también conocida como "Windows Graphics Component Information Disclosure Vulnerability". gdi32.dll in Microsoft Windows suffers from a heap-based out-of-bounds reads / memory disclosure vulnerability in multiple DIB-related EMF record handlers. • https://www.exploit-db.com/exploits/39990 http://www.securitytracker.com/id/1036101 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-074 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2016-3218
https://notcve.org/view.php?id=CVE-2016-3218
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3221. Los controladores de modo del kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente de CVE-2016-3221. • http://www.securitytracker.com/id/1036109 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-073 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2016-3221
https://notcve.org/view.php?id=CVE-2016-3221
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3218. Los controladores de modo del kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-3218. • http://www.securitytracker.com/id/1036109 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-073 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 3CVE-2016-3225 – Windows Net-NTLMv2 Reflection DCOM/RPC (Juicy)
https://notcve.org/view.php?id=CVE-2016-3225
The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication request to an unintended service, aka "Windows SMB Server Elevation of Privilege Vulnerability." El componente del servidor SMB en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que reenvía una solicitud de autenticación para un servicio no intencionado, también conocida como "Windows SMB Server Elevation of Privilege Vulnerability." A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system. • https://www.exploit-db.com/exploits/45562 http://www.securitytracker.com/id/1036110 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-075 http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-windows-kernel-mode-vulnerability-cve-2014-4113 https://foxglovesecurity.com/2016/09/26/rotten-potato-privilege-escalation-from-service-accounts-to-system https://github.com/breenmachine/RottenPotatoNG https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 2%CPEs: 10EXPL: 1CVE-2016-3223 – Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072)
https://notcve.org/view.php?id=CVE-2016-3223
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle LDAP authentication, which allows man-in-the-middle attackers to gain privileges by modifying group-policy update data within a domain-controller data stream, aka "Group Policy Elevation of Privilege Vulnerability." Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 no maneja correctamente la autenticación LDAP, lo que permite a atacantes man-in-the-middle obtener privilegios modificando los datos de actualización de políticas de grupo dentro de un flujo de datos de controlador de dominio, también conocida como "Group Policy Elevation of Privilege Vulnerability." • https://www.exploit-db.com/exploits/40219 http://packetstormsecurity.com/files/138248/Microsoft-Windows-7-Group-Policy-Privilege-Escalation.html http://www.securitytracker.com/id/1036100 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-072 • CWE-264: Permissions, Privileges, and Access Controls •