cvelistv5 - cve-2016-7255

CVE-2016-7255 (GCVE-0-2016-7255)

Vulnerability from cvelistv5

Published

2016-11-10 06:16

Modified

2025-10-21 23:55

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

References

URL

Tags

secure@microsoft.com	http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/	Broken Link
secure@microsoft.com	http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.securityfocus.com/bid/94064	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.securitytracker.com/id/1037251	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135	Patch, Vendor Advisory
secure@microsoft.com	https://github.com/mwrlabs/CVE-2016-7255	Exploit, Third Party Advisory
secure@microsoft.com	https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/	Broken Link
secure@microsoft.com	https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html	Third Party Advisory
secure@microsoft.com	https://www.exploit-db.com/exploits/40745/	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://www.exploit-db.com/exploits/40823/	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://www.exploit-db.com/exploits/41015/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94064	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037251	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/mwrlabs/CVE-2016-7255	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40745/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40823/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/41015/	Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2021-11-03

Due date: 2022-05-03

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-7255

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:46.856Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mwrlabs/CVE-2016-7255"
          },
          {
            "name": "40823",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40823/"
          },
          {
            "name": "41015",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41015/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
          },
          {
            "name": "40745",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40745/"
          },
          {
            "name": "1037251",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037251"
          },
          {
            "name": "MS16-135",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
          },
          {
            "name": "94064",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94064"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2016-7255",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T16:41:26.496082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:48.547Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2016-7255 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mwrlabs/CVE-2016-7255"
        },
        {
          "name": "40823",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40823/"
        },
        {
          "name": "41015",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41015/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
        },
        {
          "name": "40745",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40745/"
        },
        {
          "name": "1037251",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037251"
        },
        {
          "name": "MS16-135",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
        },
        {
          "name": "94064",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94064"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2016-7255",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
            },
            {
              "name": "https://github.com/mwrlabs/CVE-2016-7255",
              "refsource": "MISC",
              "url": "https://github.com/mwrlabs/CVE-2016-7255"
            },
            {
              "name": "40823",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40823/"
            },
            {
              "name": "41015",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41015/"
            },
            {
              "name": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/",
              "refsource": "MISC",
              "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
            },
            {
              "name": "40745",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40745/"
            },
            {
              "name": "1037251",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037251"
            },
            {
              "name": "MS16-135",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
            },
            {
              "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/",
              "refsource": "MISC",
              "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
            },
            {
              "name": "94064",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94064"
            },
            {
              "name": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html",
              "refsource": "MISC",
              "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2016-7255",
    "datePublished": "2016-11-10T06:16:00.000Z",
    "dateReserved": "2016-09-09T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:48.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2016-7255",
      "cwes": "[\"CWE-264\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-7255",
      "product": "Win32k",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-7255\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2016-11-10T07:00:09.460\",\"lastModified\":\"2025-10-22T00:15:55.567\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \\\"Win32k Elevation of Privilege Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Los controladores kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, vulnerabilidad tambi\u00e9n conocida como \\\"Win32k Elevation of Privilege Vulnerability\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Win32k Privilege Escalation Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"542DAEEC-73CC-46C6-A630-BF474A3446AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A8E9D99-BD78-4340-88F2-5AFF27AC37C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61019899-D7AF-46E4-A72C-D189180F66AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6CE5198-C498-4672-AF4C-77AB4BE06C5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ACA9287-B475-4AF7-A4DA-A7143CEF9E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1AD1A1-EE20-4BCE-9EE6-84B27139811C\"}]}]}],\"references\":[{\"url\":\"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/94064\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037251\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/mwrlabs/CVE-2016-7255\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/40745/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/40823/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/41015/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/94064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037251\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/mwrlabs/CVE-2016-7255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/40745/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/40823/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/41015/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"n/a\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-11-08T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \\\"Win32k Elevation of Privilege Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"n/a\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2018-10-12T19:57:01.000Z\", \"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/mwrlabs/CVE-2016-7255\"}, {\"name\": \"40823\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"], \"url\": \"https://www.exploit-db.com/exploits/40823/\"}, {\"name\": \"41015\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"], \"url\": \"https://www.exploit-db.com/exploits/41015/\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\"}, {\"name\": \"40745\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"], \"url\": \"https://www.exploit-db.com/exploits/40745/\"}, {\"name\": \"1037251\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"], \"url\": \"http://www.securitytracker.com/id/1037251\"}, {\"name\": \"MS16-135\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"], \"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\"}, {\"name\": \"94064\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"], \"url\": \"http://www.securityfocus.com/bid/94064\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"secure@microsoft.com\", \"ID\": \"CVE-2016-7255\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"n/a\", \"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \\\"Win32k Elevation of Privilege Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\", \"refsource\": \"MISC\", \"url\": \"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\"}, {\"name\": \"https://github.com/mwrlabs/CVE-2016-7255\", \"refsource\": \"MISC\", \"url\": \"https://github.com/mwrlabs/CVE-2016-7255\"}, {\"name\": \"40823\", \"refsource\": \"EXPLOIT-DB\", \"url\": \"https://www.exploit-db.com/exploits/40823/\"}, {\"name\": \"41015\", \"refsource\": \"EXPLOIT-DB\", \"url\": \"https://www.exploit-db.com/exploits/41015/\"}, {\"name\": \"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\", \"refsource\": \"MISC\", \"url\": \"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\"}, {\"name\": \"40745\", \"refsource\": \"EXPLOIT-DB\", \"url\": \"https://www.exploit-db.com/exploits/40745/\"}, {\"name\": \"1037251\", \"refsource\": \"SECTRACK\", \"url\": \"http://www.securitytracker.com/id/1037251\"}, {\"name\": \"MS16-135\", \"refsource\": \"MS\", \"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135\"}, {\"name\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\", \"refsource\": \"MISC\", \"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\"}, {\"name\": \"94064\", \"refsource\": \"BID\", \"url\": \"http://www.securityfocus.com/bid/94064\"}, {\"name\": \"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\", \"refsource\": \"MISC\", \"url\": \"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T01:57:46.856Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/mwrlabs/CVE-2016-7255\"}, {\"name\": \"40823\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"], \"url\": \"https://www.exploit-db.com/exploits/40823/\"}, {\"name\": \"41015\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"], \"url\": \"https://www.exploit-db.com/exploits/41015/\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/\"}, {\"name\": \"40745\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"], \"url\": \"https://www.exploit-db.com/exploits/40745/\"}, {\"name\": \"1037251\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"], \"url\": \"http://www.securitytracker.com/id/1037251\"}, {\"name\": \"MS16-135\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"], \"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/\"}, {\"name\": \"94064\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"], \"url\": \"http://www.securityfocus.com/bid/94064\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html\"}]}, {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-7255\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T16:41:26.496082Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T16:41:02.297Z\"}, \"timeline\": [{\"time\": \"2021-11-03T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2016-7255 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"assignerShortName\": \"microsoft\", \"cveId\": \"CVE-2016-7255\", \"datePublished\": \"2016-11-10T06:16:00.000Z\", \"dateReserved\": \"2016-09-09T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T19:55:49.761Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2016-AVI-374

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2
Microsoft	Windows	SQL Server 2014 Service Pack 2
Microsoft	Windows	Windows 10
Microsoft	Windows	SQL Server 2014 Service Pack 1
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows Server 2008
Microsoft	Windows	Windows 7
Microsoft	Windows	SQL Server 2012 Service Pack 3
Microsoft	Windows	SQL Server 2016
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows Vista
Microsoft	Windows	SQL Server 2012 Service Pack 2
Microsoft	Windows	Windows 8.1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS16-132 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-130 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-138 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-140 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-137 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-139 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-131 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-136 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-134 du 08 novembre 2016	None	vendor-advisory
Bulletin de sécurité Microsoft MS16-135 du 08 novembre 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "SQL Server 2014 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "SQL Server 2014 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "SQL Server 2012 Service Pack 3",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "SQL Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "SQL Server 2012 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-7238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7238"
    },
    {
      "name": "CVE-2016-7222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7222"
    },
    {
      "name": "CVE-2016-7217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7217"
    },
    {
      "name": "CVE-2016-7226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7226"
    },
    {
      "name": "CVE-2016-3332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3332"
    },
    {
      "name": "CVE-2016-7224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7224"
    },
    {
      "name": "CVE-2016-7205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7205"
    },
    {
      "name": "CVE-2016-3343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3343"
    },
    {
      "name": "CVE-2016-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7254"
    },
    {
      "name": "CVE-2016-7215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7215"
    },
    {
      "name": "CVE-2016-7249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7249"
    },
    {
      "name": "CVE-2016-7216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7216"
    },
    {
      "name": "CVE-2016-3335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3335"
    },
    {
      "name": "CVE-2016-7237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7237"
    },
    {
      "name": "CVE-2016-0026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0026"
    },
    {
      "name": "CVE-2016-7256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7256"
    },
    {
      "name": "CVE-2016-3340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3340"
    },
    {
      "name": "CVE-2016-3342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3342"
    },
    {
      "name": "CVE-2016-7248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7248"
    },
    {
      "name": "CVE-2016-7218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7218"
    },
    {
      "name": "CVE-2016-7250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7250"
    },
    {
      "name": "CVE-2016-7214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7214"
    },
    {
      "name": "CVE-2016-7255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7255"
    },
    {
      "name": "CVE-2016-3334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3334"
    },
    {
      "name": "CVE-2016-7247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7247"
    },
    {
      "name": "CVE-2016-7246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7246"
    },
    {
      "name": "CVE-2016-7220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7220"
    },
    {
      "name": "CVE-2016-3333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3333"
    },
    {
      "name": "CVE-2016-7184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7184"
    },
    {
      "name": "CVE-2016-7223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7223"
    },
    {
      "name": "CVE-2016-7251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7251"
    },
    {
      "name": "CVE-2016-7221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7221"
    },
    {
      "name": "CVE-2016-3338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3338"
    },
    {
      "name": "CVE-2016-7212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7212"
    },
    {
      "name": "CVE-2016-7210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7210"
    },
    {
      "name": "CVE-2016-7225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7225"
    },
    {
      "name": "CVE-2016-7252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7252"
    },
    {
      "name": "CVE-2016-7253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7253"
    }
  ],
  "initial_release_date": "2016-11-09T00:00:00",
  "last_revision_date": "2016-11-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2016-AVI-374",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-132 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-132"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-130 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-130"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-138 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-138"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-140 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-140"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-137 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-137"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-139 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-139"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-131 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-131"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-136 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-136"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-134 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-134"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS16-135 du 08 novembre 2016",
      "url": "https://technet.microsoft.com/fr-fr/library/security/MS16-135"
    }
  ]
}

gsd-2016-7255

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-7255

Aliases

CVE-2016-7255

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-7255",
    "description": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"",
    "id": "GSD-2016-7255",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2016-7255"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-7255"
      ],
      "details": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"",
      "id": "GSD-2016-7255",
      "modified": "2023-12-13T01:21:20.826180Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2016-7255",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "Windows",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "The kernel-mode drivers allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability\"",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Windows Vista, 7, 8.1, 10 and Windows Server 2008, 2012, and 2016 Win32k Privilege Escalation Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2016-7255",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
          },
          {
            "name": "https://github.com/mwrlabs/CVE-2016-7255",
            "refsource": "MISC",
            "url": "https://github.com/mwrlabs/CVE-2016-7255"
          },
          {
            "name": "40823",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/40823/"
          },
          {
            "name": "41015",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/41015/"
          },
          {
            "name": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/",
            "refsource": "MISC",
            "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
          },
          {
            "name": "40745",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/40745/"
          },
          {
            "name": "1037251",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037251"
          },
          {
            "name": "MS16-135",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
          },
          {
            "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/",
            "refsource": "MISC",
            "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
          },
          {
            "name": "94064",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94064"
          },
          {
            "name": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html",
            "refsource": "MISC",
            "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2016-7255"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "94064",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94064"
            },
            {
              "name": "40823",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/40823/"
            },
            {
              "name": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
            },
            {
              "name": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/",
              "refsource": "MISC",
              "tags": [],
              "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
            },
            {
              "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
            },
            {
              "name": "41015",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/41015/"
            },
            {
              "name": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
            },
            {
              "name": "https://github.com/mwrlabs/CVE-2016-7255",
              "refsource": "MISC",
              "tags": [],
              "url": "https://github.com/mwrlabs/CVE-2016-7255"
            },
            {
              "name": "1037251",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1037251"
            },
            {
              "name": "40745",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/40745/"
            },
            {
              "name": "MS16-135",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-10-12T22:14Z",
      "publishedDate": "2016-11-10T07:00Z"
    }
  }
}

CERTFR-2016-ALE-008

Vulnerability from certfr_alerte

Une vulnérabilité a été découverte dans Microsoft Windows. Elle permet à un attaquant de provoquer une élévation de privilèges.

Description

Le 31 octobre 2016, le groupe d'analyse de la menace de Google (Threat Analysis Group) a annoncé publiquement l'existence d'une vulnérabilité de type 0 jour permettant une élévation de privilèges dans le noyau de Windows (cf. section Documentation).
Celle-ci est activement exploitée, dans le cadre d'attaques ciblées, de manière conjointe avec la vulnérabilité CVE-2016-7855 affectant le Flash Player d'Adobe (cf. section Documentation).
Microsoft a publié un correctif le 8 novembre 2016, à l'occasion de leur mise à jour mensuelle.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation)

Microsoft Windows, toutes versions

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Annonce Microsoft du 01 novembre 2016	None	vendor-advisory
Avis CERT-FR CERTFR-2016-AVI-364 Adobe Flash Player	-	other
Avis CERT-FR CERTFR-2016-AVI-374 Microsoft Windows	-	other
Google Security Blog	-	other
Microsoft Device Guard	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMicrosoft Windows, toutes versions\u003c/P\u003e",
  "closed_at": "2016-11-09",
  "content": "## Description\n\nLe 31 octobre 2016, le groupe d\u0027analyse de la menace de Google (Threat\nAnalysis Group) a annonc\u00e9 publiquement l\u0027existence d\u0027une vuln\u00e9rabilit\u00e9\nde type 0 jour permettant une \u00e9l\u00e9vation de privil\u00e8ges dans le noyau de\nWindows (cf. section Documentation).  \nCelle-ci est activement exploit\u00e9e, dans le cadre d\u0027attaques cibl\u00e9es, de\nmani\u00e8re conjointe avec la vuln\u00e9rabilit\u00e9 CVE-2016-7855 affectant le Flash\nPlayer d\u0027Adobe (cf. section Documentation).  \nMicrosoft a publi\u00e9 un correctif le 8 novembre 2016, \u00e0 l\u0027occasion de leur\nmise \u00e0 jour mensuelle.  \n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation)\n",
  "cves": [
    {
      "name": "CVE-2016-7855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7855"
    },
    {
      "name": "CVE-2016-7255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7255"
    }
  ],
  "initial_release_date": "2016-11-02T00:00:00",
  "last_revision_date": "2016-11-09T00:00:00",
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2016-AVI-364 Adobe Flash Player",
      "url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2016-AVI-364/index.html"
    },
    {
      "title": "Avis CERT-FR CERTFR-2016-AVI-374 Microsoft Windows",
      "url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2016-AVI-374/index.html"
    },
    {
      "title": "Google Security Blog",
      "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
    },
    {
      "title": "Microsoft Device Guard",
      "url": "https://technet.microsoft.com/en-us/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies"
    }
  ],
  "reference": "CERTFR-2016-ALE-008",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-02T00:00:00.000000"
    },
    {
      "description": "cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2016-11-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eMicrosoft\nWindows\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Annonce Microsoft du 01 novembre 2016",
      "url": "https://blogs.technet.microsoft.com/mmpc/2016/11/01/our-commitment-to-our-customers-security/"
    }
  ]
}

ghsa-6rfx-wjcx-jvgf

Vulnerability from github

Published

2022-05-14 02:21

Modified

2025-10-22 00:31

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-7255"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-11-10T07:00:00Z",
    "severity": "HIGH"
  },
  "details": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\"",
  "id": "GHSA-6rfx-wjcx-jvgf",
  "modified": "2025-10-22T00:31:17Z",
  "published": "2022-05-14T02:21:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7255"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mwrlabs/CVE-2016-7255"
    },
    {
      "type": "WEB",
      "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255"
    },
    {
      "type": "WEB",
      "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/40745"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/40823"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/41015"
    },
    {
      "type": "WEB",
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94064"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037251"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2016-10937

Vulnerability from cnvd

Title

Microsoft Win32k特权提升漏洞（CNVD-2016-10937）

Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。 Microsoft Windows的内核模式驱动程序存在特权提升漏洞。攻击者可利用该漏洞在内核模式下运行任意代码。

Severity

高

Patch Name

Microsoft Win32k特权提升漏洞（CNVD-2016-10937）的补丁

Patch Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。 Microsoft Windows的内核模式驱动程序存在特权提升漏洞。攻击者可利用该漏洞在内核模式下运行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://technet.microsoft.com/library/security/MS16-135

Reference

https://technet.microsoft.com/library/security/MS16-135

Impacted products

Name
['Microsoft Windows Server 2008', 'Microsoft Windows Server 2008 R2', 'Microsoft Windows 7', 'Microsoft Windows Vista', 'Microsoft Windows Windows Server 2012', 'Microsoft Windows 8.1', 'Microsoft Windows Server 2012 R2', 'Microsoft Windows RT 8.1', 'Microsoft Windows 10', 'Microsoft Windows Server 2016']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94064"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-7255"
    }
  },
  "description": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u7cfb\u5217\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Windows\u7684\u5185\u6838\u6a21\u5f0f\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u7279\u6743\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u6a21\u5f0f\u4e0b\u8fd0\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Neel Mehta and Billy Leonard of Google???s Threat Analysis GroupFeike Hacquebord, Peter Pi and Brooks Li of Trend Micro",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://technet.microsoft.com/library/security/MS16-135",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10937",
  "openTime": "2016-11-11",
  "patchDescription": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u7cfb\u5217\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Windows\u7684\u5185\u6838\u6a21\u5f0f\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u7279\u6743\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u6a21\u5f0f\u4e0b\u8fd0\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Win32k\u7279\u6743\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-10937\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2008",
      "Microsoft Windows Server 2008 R2",
      "Microsoft Windows 7",
      "Microsoft Windows Vista",
      "Microsoft Windows Windows Server 2012",
      "Microsoft Windows 8.1",
      "Microsoft Windows Server 2012 R2",
      "Microsoft Windows RT 8.1",
      "Microsoft Windows 10",
      "Microsoft Windows Server 2016"
    ]
  },
  "referenceLink": "https://technet.microsoft.com/library/security/MS16-135",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-09",
  "title": "Microsoft Win32k\u7279\u6743\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-10937\uff09"
}

fkie_cve-2016-7255

Vulnerability from fkie_nvd

Published

2016-11-10 07:00

Modified

2025-10-22 00:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@microsoft.com	http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/	Broken Link
secure@microsoft.com	http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.securityfocus.com/bid/94064	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.securitytracker.com/id/1037251	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135	Patch, Vendor Advisory
secure@microsoft.com	https://github.com/mwrlabs/CVE-2016-7255	Exploit, Third Party Advisory
secure@microsoft.com	https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/	Broken Link
secure@microsoft.com	https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html	Third Party Advisory
secure@microsoft.com	https://www.exploit-db.com/exploits/40745/	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://www.exploit-db.com/exploits/40823/	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://www.exploit-db.com/exploits/41015/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94064	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037251	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/mwrlabs/CVE-2016-7255	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40745/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/40823/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/41015/	Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255

Impacted products

Vendor	Product	Version
microsoft	windows_10_1507	-
microsoft	windows_10_1511	-
microsoft	windows_10_1607	-
microsoft	windows_7	-
microsoft	windows_8.1	-
microsoft	windows_rt_8.1	-
microsoft	windows_server_2008	-
microsoft	windows_server_2008	r2
microsoft	windows_server_2012	-
microsoft	windows_server_2012	r2
microsoft	windows_server_2016	-
microsoft	windows_vista	-

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Los controladores kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, vulnerabilidad tambi\u00e9n conocida como \"Win32k Elevation of Privilege Vulnerability\"."
    }
  ],
  "id": "CVE-2016-7255",
  "lastModified": "2025-10-22T00:15:55.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2016-11-10T07:00:09.460",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94064"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037251"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/mwrlabs/CVE-2016-7255"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40745/"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40823/"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41015/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037251"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/mwrlabs/CVE-2016-7255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40745/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40823/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41015/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7255"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-7255 (GCVE-0-2016-7255)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2016-AVI-374

Vulnerability from certfr_avis

Solution

gsd-2016-7255

Vulnerability from gsd

CERTFR-2016-ALE-008

Vulnerability from certfr_alerte

Description

Solution

ghsa-6rfx-wjcx-jvgf

Vulnerability from github

cnvd-2016-10937

Vulnerability from cnvd

fkie_cve-2016-7255

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature