Multiple vulnerabilities in Windows Win32k.sys driver

Published: 2016-08-10 13:35:35
Severity Low
Patch available YES
Number of vulnerabilities 4
CVE ID CVE-2016-3311
CVE-2016-3310
CVE-2016-3309
CVE-2016-3308
CVSSv3 7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Local
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows Vista
Windows 7
Windows 8.1
Windows RT 8.1
Windows 10
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Vendor URL Microsoft

Security Advisory

Discovered vulnerabilities may allow a local user to elevate privileges on vulnerable system.

1) Elevation of privilege

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-098.aspx

2) Elevation of privilege

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-098.aspx

3) Elevation of privilege

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-098.aspx

4) Elevation of privilege

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-098.aspx

Back to List