CVE-2016-0176Microsoft Windows 10 vulnerability

CWE-2648 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 43.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
16
Microsoft Windows 10Microsoft Windows Server 2008Microsoft Windows Server 2012+13 more
Timeline
PublishedMay 11
Latest updateMay 14

Description

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages15 packages

🔴Vulnerability Details

1
GHSA
GHSA-95rm-5q9p-2jc3: dxgkrnl2022-05-14

📋Vendor Advisories

1
Microsoft
DirectX Elevation of Privilege Vulnerability2016-05-10

🕵️Threat Intelligence

3
Talos
Microsoft Patch Tuesday - May 20162016-05-10
Talos
Microsoft Patch Tuesday - May 20162016-05-10
Zscaler
Zscaler found Multiple Security Vulnerabilities | 05-11-2016

💬Community

1
Bugzilla
CVE-2016-4330 hdf5: H5T_ARRAY heap buffer overflow2016-11-23