CVE-2016-0117
https://notcve.org/view.php?id=CVE-2016-0117
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability." La librería PDF en Microsoft Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, y Windows 10 Gold y 1511 permite a atacantes remotos ejecutar código arbitrario a través de un documento PDF manipulado, también conocido como "Windows Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/84109 http://www.securitytracker.com/id/1035202 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-028 • CWE-20: Improper Input Validation •
CVE-2016-0133
https://notcve.org/view.php?id=CVE-2016-0133
The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by inserting a crafted USB device, aka "USB Mass Storage Elevation of Privilege Vulnerability." El controlador USB Mass Storage Class en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a atacantes físicamente próximos ejecutar código arbitrario insertando un dispositivo USB manipulado, también conocido como "USB Mass Storage Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/84035 http://www.securitytracker.com/id/1035211 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-033 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-0121 – Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
https://notcve.org/view.php?id=CVE-2016-0121
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a atacantes remotos ejecutar código arbitrario a través de una fuente OpenType manipulada, también conocida como "OpenType Font Parsing Vulnerability". There is a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file. • https://www.exploit-db.com/exploits/39560 http://www.securityfocus.com/bid/84027 http://www.securitytracker.com/id/1035198 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-026 • CWE-20: Improper Input Validation •
CVE-2016-0094 – Microsoft Windows Kernel - Bitmap Use-After-Free
https://notcve.org/view.php?id=CVE-2016-0094
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0093, CVE-2016-0095, and CVE-2016-0096. El driver kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0093, CVE-2016-0095 y CVE-2016-0096. • https://www.exploit-db.com/exploits/39647 http://www.securityfocus.com/bid/84066 http://www.securitytracker.com/id/1035212 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-034 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-0093 – Microsoft Windows Kernel - 'NtGdiGetTextExtentExW' Out-of-Bounds Memory Read
https://notcve.org/view.php?id=CVE-2016-0093
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0094, CVE-2016-0095, and CVE-2016-0096. El driver kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0094, CVE-2016-0095 y CVE-2016-0096. • https://www.exploit-db.com/exploits/39648 http://www.securityfocus.com/bid/84054 http://www.securitytracker.com/id/1035212 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-034 • CWE-264: Permissions, Privileges, and Access Controls •