Vulnerability Name: CVE-2016-7255 (CCN-118534) Assigned: 2016-11-08 Published: 2016-11-08 Updated: 2018-10-12 Summary: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H )7.2 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H )8.2 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-264 Vulnerability Consequences: Gain Privileges References: Source: MISC Type: UNKNOWNhttp://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/ Source: MITRE Type: CNACVE-2016-7255 Source: MISC Type: UNKNOWNhttp://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html Source: CCN Type: Microsoft Security Bulletin MS16-135Security Update for Kernel-Mode Drivers (3199135) Source: CCN Type: Microsoft Security Bulletin MS16-151Security Update for Windows Kernel-Mode Drivers (3205651) Source: CCN Type: Microsoft Security Bulletin MS17-013Security Update for Microsoft Graphics Component (4013075) Source: BID Type: Third Party Advisory, VDB Entry94064 Source: CCN Type: BID-94064Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability Source: SECTRACK Type: UNKNOWN1037251 Source: MS Type: UNKNOWNMS16-135 Source: XF Type: UNKNOWNms-kmd-cve20167255-priv-esc(118534) Source: MISC Type: UNKNOWNhttps://github.com/mwrlabs/CVE-2016-7255 Source: CCN Type: Packet Storm Security [11-14-2016]Microsoft Windows kernel win32k Denial Of Service Source: CCN Type: Packet Storm Security [11-28-2016]Microsoft Windows Kernel NtSetWindowLongPtr Privilege Escalation Source: CCN Type: Packet Storm Security [01-12-2017]Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr Privilege Escalation Source: MISC Type: UNKNOWNhttps://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/ Source: MISC Type: Third Party Advisoryhttps://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html Source: CCN Type: CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCYKNOWN EXPLOITED VULNERABILITIES CATALOG Source: EXPLOIT-DB Type: EXPLOITOffensive Security Exploit Database [11-09-2016] Source: EXPLOIT-DB Type: UNKNOWN40745 Source: EXPLOIT-DB Type: Exploit, Third Party Advisory, VDB Entry40823 Source: EXPLOIT-DB Type: UNKNOWN41015 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_10:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1511:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_7:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_8.1:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows_vista::sp2:~~~~x64~:*:*:*:*:* OR cpe:/o:microsoft:windows_vista::sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:* OR cpe:/o:microsoft:windows_7::sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:* OR cpe:/o:microsoft:windows_8.1:::~~~~x64~:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_10:::~~~~x64~:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions Definition ID Class Title Last Modified oval:org.cisecurity:def:1484 V Win32k Elevation of Privilege Vulnerability - CVE-2016-7255 (MS16-135) 2016-12-30
BACK
microsoft windows 10 -
microsoft windows 10 1511
microsoft windows 10 1607
microsoft windows 7 * sp1
microsoft windows 8.1 *
microsoft windows rt 8.1 *
microsoft windows server 2008 * sp2
microsoft windows server 2008 r2 sp1
microsoft windows server 2012 -
microsoft windows server 2012 r2
microsoft windows server 2016 *
microsoft windows vista * sp2
microsoft windows vista sp2
microsoft windows vista sp2
microsoft windows server 2008 sp2
microsoft windows server 2008 sp2
microsoft windows server 2008
microsoft windows 7 - sp1
microsoft windows 7 sp1
microsoft windows server 2008 r2
microsoft windows server 2008 r2
microsoft windows server 2012
microsoft windows 8.1 - -
microsoft windows 8.1
microsoft windows server 2012 r2
microsoft windows rt 8.1 -
microsoft windows 10 -
microsoft windows 10
microsoft windows server 2016