CVE-2016-3272Sensitive Information Exposure in Microsoft Windows 10

CWE-200Sensitive Information Exposure6 documents5 sources
Severity
2.8LOWNVD
OSV5.5
EPSS
12.6%
top 6.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Artifex GhostscriptMicrosoft Windows 10Microsoft Windows Server 2012+9 more
Timeline
PublishedJul 13
Latest updateMay 14

Description

The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted application, aka "Windows Kernel Information Disclosure Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:NExploitability: 1.3 | Impact: 1.4

Affected Packages12 packages

🔴Vulnerability Details

2
GHSA
GHSA-qv9v-mfxg-qrm3: The kernel in Microsoft Windows 82022-05-14
OSV
ghostscript regression2017-05-16

📋Vendor Advisories

1
Microsoft
Windows Kernel Information Disclosure Vulnerability2016-07-12

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - July 20162016-07-12
Talos
Microsoft Patch Tuesday - July 20162016-07-12