| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
4951 |
CVE-2016-7505 |
119 |
|
DoS Exec Code Overflow |
2016-10-28 |
2016-12-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. |
|
4952 |
CVE-2016-7504 |
416 |
|
DoS Exec Code |
2016-10-28 |
2016-12-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. |
|
4953 |
CVE-2016-7490 |
264 |
|
|
2016-11-10 |
2016-12-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges. |
|
4954 |
CVE-2016-7488 |
264 |
|
Exec Code |
2016-11-10 |
2016-12-02 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root. |
|
4955 |
CVE-2016-7480 |
119 |
|
DoS Exec Code Overflow |
2017-01-11 |
2018-01-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. |
|
4956 |
CVE-2016-7479 |
416 |
|
Exec Code |
2017-01-11 |
2018-05-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. |
|
4957 |
CVE-2016-7462 |
749 |
|
|
2016-12-29 |
2017-07-27 |
7.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Complete |
|
The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization. |
|
4958 |
CVE-2016-7461 |
119 |
|
DoS Exec Code Overflow |
2016-12-29 |
2017-07-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. |
|
4959 |
CVE-2016-7454 |
352 |
|
CSRF |
2016-12-16 |
2016-12-21 |
7.9 |
None |
Local Network |
Medium |
Not required |
Complete |
Complete |
Complete |
|
CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an attacker to change the Wi-Fi password, open the remote management interface, or reset the router. |
|
4960 |
CVE-2016-7453 |
89 |
|
Sql |
2016-11-03 |
2016-12-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection. |
|
4961 |
CVE-2016-7448 |
399 |
|
DoS |
2017-02-06 |
2018-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. |
|
4962 |
CVE-2016-7447 |
119 |
|
Overflow |
2017-02-06 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. |
|
4963 |
CVE-2016-7446 |
119 |
|
Overflow |
2017-02-06 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. |
|
4964 |
CVE-2016-7443 |
434 |
|
|
2018-03-06 |
2018-03-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location." |
|
4965 |
CVE-2016-7425 |
119 |
|
DoS Overflow +Priv |
2016-10-16 |
2017-01-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. |
|
4966 |
CVE-2016-7417 |
20 |
|
DoS |
2016-09-17 |
2018-05-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data. |
|
4967 |
CVE-2016-7415 |
119 |
|
DoS Overflow |
2016-09-17 |
2018-01-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string. |
|
4968 |
CVE-2016-7414 |
119 |
|
DoS Overflow |
2016-09-17 |
2018-05-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c. |
|
4969 |
CVE-2016-7413 |
416 |
|
DoS |
2016-09-17 |
2018-05-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call. |
|
4970 |
CVE-2016-7411 |
119 |
|
DoS Overflow Mem. Corr. |
2016-09-17 |
2017-07-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object. |
|
4971 |
CVE-2016-7405 |
89 |
|
Sql |
2016-10-03 |
2017-06-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. |
|
4972 |
CVE-2016-7402 |
264 |
|
Sql |
2016-11-03 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection. |
|
4973 |
CVE-2016-7400 |
89 |
|
Exec Code Sql |
2017-02-07 |
2018-02-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. |
|
4974 |
CVE-2016-7391 |
264 |
|
DoS |
2016-11-08 |
2017-09-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges. |
|
4975 |
CVE-2016-7390 |
264 |
|
DoS |
2016-11-08 |
2017-09-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. |
|
4976 |
CVE-2016-7389 |
264 |
|
+Priv |
2016-11-08 |
2016-11-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R361_93 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges. |
|
4977 |
CVE-2016-7388 |
264 |
|
DoS |
2016-11-08 |
2017-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. |
|
4978 |
CVE-2016-7387 |
264 |
|
DoS |
2016-11-08 |
2017-09-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. |
|
4979 |
CVE-2016-7385 |
264 |
|
DoS |
2016-11-08 |
2017-09-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x700010d where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. |
|
4980 |
CVE-2016-7384 |
264 |
|
DoS |
2016-11-08 |
2017-09-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges. |
|
4981 |
CVE-2016-7382 |
275 |
|
+Priv |
2016-11-08 |
2017-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges. |
|
4982 |
CVE-2016-7381 |
264 |
|
DoS |
2016-11-08 |
2017-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges. |
|
4983 |
CVE-2016-7297 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7296. |
|
4984 |
CVE-2016-7296 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288, and CVE-2016-7297. |
|
4985 |
CVE-2016-7292 |
19 |
|
+Priv |
2016-12-20 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Installer Elevation of Privilege Vulnerability." |
|
4986 |
CVE-2016-7288 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297. |
|
4987 |
CVE-2016-7287 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." |
|
4988 |
CVE-2016-7286 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7288, CVE-2016-7296, and CVE-2016-7297. |
|
4989 |
CVE-2016-7279 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-12-20 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." |
|
4990 |
CVE-2016-7275 |
19 |
|
+Priv |
2016-12-20 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." |
|
4991 |
CVE-2016-7260 |
264 |
|
+Priv |
2016-12-20 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
|
4992 |
CVE-2016-7259 |
19 |
|
+Priv |
2016-12-20 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
|
4993 |
CVE-2016-7255 |
264 |
|
+Priv |
2016-11-10 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
|
4994 |
CVE-2016-7246 |
264 |
|
+Priv |
2016-11-10 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." |
|
4995 |
CVE-2016-7243 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-11-10 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7242. |
|
4996 |
CVE-2016-7242 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-11-10 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7243. |
|
4997 |
CVE-2016-7241 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-11-10 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." |
|
4998 |
CVE-2016-7240 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-11-10 |
2018-10-12 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243. |
|
4999 |
CVE-2016-7238 |
264 |
|
+Priv |
2016-11-10 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandle caching for NTLM password-change requests, which allows local users to gain privileges via a crafted application, aka "Windows NTLM Elevation of Privilege Vulnerability." |
|
5000 |
CVE-2016-7222 |
264 |
|
+Priv |
2016-11-10 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to gain privileges via a crafted UNC pathname in a task, aka "Task Scheduler Elevation of Privilege Vulnerability." |
