Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-0015Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 10

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-287Improper Authentication9 documents8 sources
Severity
7.8HIGHNVD
EPSS
65.1%
top 1.52%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
14
Microsoft Windows 10Microsoft Windows Server 2008Microsoft Windows Server 2012+11 more
Timeline
PublishedJan 13
Latest updateMay 14

Description

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages13 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-f5w3-cqp3-wr54: DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 82022-05-14

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows - devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)2016-01-13

📋Vendor Advisories

3
VMware
VMware Horizon View updates address directory traversal vulnerability2016-10-06
Red Hat
curl: NTLM credentials not-checked for proxy connection re-use2016-01-27
Microsoft
CVE-2016-0015: Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No Reference: https://catalog2016-01-12

🕵️Threat Intelligence

3
Talos
Microsoft Patch Tuesday - January 20162016-01-12
Talos
Microsoft Patch Tuesday - January 20162016-01-12
Zscaler
Zscaler found Multiple Security Vulnerabilities | 01-12-2016