CVE-2016-0058Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows Server 2012

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources
Severity
7.8HIGHNVD
EPSS
26.3%
top 3.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows Server 2012
Timeline
PublishedFeb 10
Latest updateDec 15

Description

Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overflow Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-q5cc-r97w-q7w3: Buffer overflow in the PDF Library in Microsoft Windows 82022-05-14

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - February 20162016-02-09
Talos
Microsoft Patch Tuesday - February 20162016-02-09

📄Research Papers

1
arXiv
Do Chase Your Tail! Missing Key Aspects Augmentation in Textual Vulnerability Descriptions of Long-tail Software through Feature Inference2024-12-15

💬Community

1
Bugzilla
CVE-2016-1521 graphite2: Out-of-bound read vulnerability triggered by crafted fonts2016-02-09