Vulnerabilities > CVE-2016-5852 - Unspecified vulnerability in Nvidia Geforce Experience
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | NVIDIA_WIN_CVE_2016_4959.NASL |
description | The version of the NVIDIA graphics driver installed on the remote Windows host is 340.x prior to 341.96, 352.x prior to 354.99, 361.x prior to 362.77, or 367.x prior to 368.39. It is, therefore, affected by multiple vulnerabilities : - A privilege escalation vulnerability exists in GFE GameStream due to an unquoted search path. A local attacker can exploit this, via a malicious executable in the root path, to elevate privileges. (CVE-2016-3161) - A denial of service vulnerability exists due to a NULL pointer dereference flaw. An unauthenticated, remote attacker can exploit this to cause a crash. (CVE-2016-4959) - A privilege escalation vulnerability exists in the NVStreamKMS.sys driver due to improper sanitization of user-supplied data passed via API entry points. A local attacker can exploit this to gain elevated privileges. (CVE-2016-4960) - A denial of service vulnerability exists in the NVStreamKMS.sys driver due to improper handling of parameters. An unauthenticated, remote attacker can exploit this to cause a crash. (CVE-2016-4961) - A denial of service vulnerability exists in the NVAPI support layer due to improper sanitization of parameters. An unauthenticated, remote attacker can exploit this to cause a crash. (CVE-2016-5025) - A privilege escalation vulnerability exists in the NVTray plugin due to an unquoted search path. A local attacker can exploit this, via a malicious executable in the root path, to elevate privileges. (CVE-2016-5852) Note that CVE-2016-3161, CVE-2016-4960, CVE-2016-4961, and CVE-2016-5852 only affect systems which also have GeForce Experience software installed. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 93912 |
published | 2016-10-07 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/93912 |
title | NVIDIA Graphics Driver 340.x < 341.96 / 352.x < 354.99 / 361.x < 362.77 / 367.x < 368.39 Multiple Vulnerabilities |
code |
|
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4213
- http://nvidia.custhelp.com/app/answers/detail/a_id/4213
- http://www.securityfocus.com/bid/93251
- http://www.securityfocus.com/bid/93251
- https://support.lenovo.com/us/en/product_security/ps500070
- https://support.lenovo.com/us/en/product_security/ps500070