CVE-2016-0038Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 10

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents3 sources
Severity
7.8HIGHNVD
EPSS
20.3%
top 4.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 10Microsoft Windows Server 2008Microsoft Windows Server 2012
Timeline
PublishedFeb 10
Latest updateMay 14

Description

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Memory Corruption Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-26v4-vq66-h2r9: Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 82022-05-14

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - February 20162016-02-09
Talos
Microsoft Patch Tuesday - February 20162016-02-09
CVE-2016-0038 — Microsoft Windows 10 vulnerability | cvebase