CVE-2016-0101Improper Input Validation in Microsoft Windows 10

CWE-20Improper Input Validation4 documents3 sources
Severity
8.8HIGHNVD
EPSS
48.3%
top 2.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 10Microsoft Windows Server 2008Microsoft Windows Server 2012
Timeline
PublishedMar 9
Latest updateMay 14

Description

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

1
GHSA
GHSA-h329-qjg7-rg8f: Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 82022-05-14

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - March 20162016-03-08
Talos
Microsoft Patch Tuesday - March 20162016-03-08