Vulnerabilities > CVE-2016-3309 - Unspecified vulnerability in Microsoft products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.
Vulnerable Configurations
Exploit-Db
description | Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow. CVE-2016-3309. Local exploit for Win_x86-64 platform |
file | exploits/windows_x86-64/local/42960.txt |
id | EDB-ID:42960 |
last seen | 2017-10-06 |
modified | 2017-10-06 |
platform | windows_x86-64 |
port | |
published | 2017-10-06 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/42960/ |
title | Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow |
type | local |
Msbulletin
bulletin_id | MS16-098 |
bulletin_url | |
date | 2016-08-09T00:00:00 |
impact | Elevation of Privilege |
knowledgebase_id | 3178466 |
knowledgebase_url | |
severity | Important |
title | Security Update for Windows Kernel-Mode Drivers |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS16-098.NASL |
description | The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in the Windows kernel-mode driver due to a failure to properly handle objects in memory. An authenticated, remote attacker can exploit these issues, via a crafted application, to execute arbitrary code in kernel mode. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 92821 |
published | 2016-08-09 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/92821 |
title | MS16-098: Security Update for Windows Kernel-Mode Drivers (3178466) |
Related news
References
- http://www.securityfocus.com/bid/92297
- http://www.securityfocus.com/bid/92297
- http://www.securitytracker.com/id/1036572
- http://www.securitytracker.com/id/1036572
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-098
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-098
- https://www.exploit-db.com/exploits/42960/
- https://www.exploit-db.com/exploits/42960/