Main Vulnerability Database Exploits ID:104 - Exploit for Elevation of privilege in Windows and Windows Server - CVE-2016-3309

ID:104 - Exploit for Elevation of privilege in Windows and Windows Server - CVE-2016-3309

Published: March 18, 2020

Vulnerability identifier: #VU288

Vulnerability risk: Low

CVE-ID: CVE-2016-3309

CWE-ID: CWE-119

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/siberas/CVE-2016-3309_Reloaded

Vulnerability description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

ID:104 - Exploit for Elevation of privilege in Windows and Windows Server - CVE-2016-3309

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human