| Vulnerability Name: | CVE-2016-7217 (CCN-118312) | ||||||||||||
| Assigned: | 2016-11-08 | ||||||||||||
| Published: | 2016-11-08 | ||||||||||||
| Updated: | 2018-10-12 | ||||||||||||
| Summary: | Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability." | ||||||||||||
| CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-7217 Source: CCN Type: Microsoft Security Bulletin MS16-132 Security Update for Microsoft Graphics Component (3199120) Source: BID Type: UNKNOWN 94066 Source: CCN Type: BID-94066 Microsoft Windows Media Foundation CVE-2016-7217 Memory Corruption Vulnerability Source: SECTRACK Type: UNKNOWN 1037243 Source: MS Type: UNKNOWN MS16-132 Source: XF Type: UNKNOWN ms-wmf-cve20167217-code-exec(118312) | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||