CVE-2016-0179
published 2016-05-11CVE-2016-0179: Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code…
PriorityP350high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
24.19%
97.6th percentile
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012_r2 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-55qq-22jq-gj9x: Windows Shell in Microsoft Windows 8
ghsa_unreviewed·2022-05-14
CVE-2016-0179 [HIGH] CWE-284 GHSA-55qq-22jq-gj9x: Windows Shell in Microsoft Windows 8
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
Microsoft
Windows Shell Remote Code Execution Vulnerability
vendor_msrc·2016-05-10·CVSS 7.8
CVE-2016-0179 [HIGH] Windows Shell Remote Code Execution Vulnerability
Windows Shell Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Windows Shell improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
In a web-based attack scenario, an attacker could host a website used to attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted co
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday - May 2016
blogs_talos·2016-05-10·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - May 2016
## Microsoft Patch Tuesday - May 2016
This post is authored by Holger Unterbrink .
Patch Tuesday for May 2016 has arrived where Microsoft releases their monthly set of security bulletins designed to address security vulnerabilities within their products. This month's release contains 16 bulletins addressing 33 vulnerabilities. Eight bulletins are rated critical, addressing vulnerabilities in Edge, Internet Explorer, Office, Graphic Components, VBScript, and Windows Shell. The remaining bulletins are rated important and address vulnerabilities in Internet Explorer, Office, Windows Kernel, IIS, Media Center, Hyper-V, .NET, and several other Windows components.
## Bulletins Rated Critical Vulnerabilities in Microsoft bulletins MS16-051 through MS16-057 and MS16-064 are rated as critical in
Talos
Microsoft Patch Tuesday - May 2016
blogs_talos·2016-05-10·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - May 2016
This post is authored by Holger Unterbrink.
Patch Tuesday for May 2016 has arrived where Microsoft releases their monthly set of security bulletins designed to address security vulnerabilities within their products. This month's release contains 16 bulletins addressing 33 vulnerabilities. Eight bulletins are rated critical, addressing vulnerabilities in Edge, Internet Explorer, Office, Graphic Components, VBScript, and Windows Shell. The remaining bulletins are rated important and address vulnerabilities in Internet Explorer, Office, Windows Kernel, IIS, Media Center, Hyper-V, .NET, and several other Windows components.
## Bulletins Rated CriticalVulnerabilities in Microsoft bulletins MS16-051 through MS16-057 and MS16-064 are rated as critical in this month's release.
MS16-051and MS16-
Bugzilla
CVE-2016-4333 hdf5: H5T_COMPOUND heap buffer overflow
bugzilla·2016-11-23·CVSS 8.6
CVE-2016-4333 [HIGH] CVE-2016-4333 hdf5: H5T_COMPOUND heap buffer overflow
CVE-2016-4333 hdf5: H5T_COMPOUND heap buffer overflow
The vulnerability exists due to the library allocating space for the array using a value from the file, and then within the loop for initializing said array allowing a value within the file to modify the loop’s terminator. Due to this, an aggressor can cause the loop’s index to point outside the bounds of the array when initializing it. This is a heap-based buffer overflow, and can lead to code execution under the context of the application using the library.
External References:
http://www.talosintelligence.com/reports/TALOS-2016-0179/
Discussion:
Created hdf5 tracking bugs for this issue:
Affects: fedora-all [bug 1397715]
Affects: epel-all [bug 1397716]
---
Created hdf5 tracking bugs for this issue:
Affects: openshift-1 [bug
Bugzilla
CVE-2016-2175 pdfbox: XML External Entity vulnerability
bugzilla·2016-05-27·CVSS 7.8
CVE-2016-2175 [HIGH] CVE-2016-2175 pdfbox: XML External Entity vulnerability
CVE-2016-2175 pdfbox: XML External Entity vulnerability
Apache PDFBox parses different XML data within PDF files such as XMP and the initialization of the XML parsers did not protect against XML External Entity (XXE) vulnerabilities.
References:
http://seclists.org/oss-sec/2016/q2/419
Discussion:
Created pdfbox tracking bugs for this issue:
Affects: fedora-all [bug 1340397]
---
pdfbox-1.8.8-6.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
---
pdfbox-1.8.11-2.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
---
This issue has been addressed in the following products:
Red Hat JBoss Fuse/A-MQ 6.3 Rollup 1
Via RHSA-2017:0179
http://www.securityfocus.com/bid/89868http://www.securitytracker.com/id/1035825https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-057http://www.securityfocus.com/bid/89868http://www.securitytracker.com/id/1035825https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-057
2016-05-11
Published