Vulnerabilities > CVE-2016-3309 - Unspecified vulnerability in Microsoft products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
microsoft
nessus
exploit available

Summary

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.

Exploit-Db

descriptionMicrosoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow. CVE-2016-3309. Local exploit for Win_x86-64 platform
fileexploits/windows_x86-64/local/42960.txt
idEDB-ID:42960
last seen2017-10-06
modified2017-10-06
platformwindows_x86-64
port
published2017-10-06
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/42960/
titleMicrosoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow
typelocal

Msbulletin

bulletin_idMS16-098
bulletin_url
date2016-08-09T00:00:00
impactElevation of Privilege
knowledgebase_id3178466
knowledgebase_url
severityImportant
titleSecurity Update for Windows Kernel-Mode Drivers

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS16-098.NASL
descriptionThe remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in the Windows kernel-mode driver due to a failure to properly handle objects in memory. An authenticated, remote attacker can exploit these issues, via a crafted application, to execute arbitrary code in kernel mode.
last seen2020-06-01
modified2020-06-02
plugin id92821
published2016-08-09
reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/92821
titleMS16-098: Security Update for Windows Kernel-Mode Drivers (3178466)