CVE-2016-3272
published 2016-07-13CVE-2016-3272: The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which…
PriorityP427low2.8CVSS 3.0
AVLACLPRLUIRSUCLINAN
EPSS
43.28%
98.6th percentile
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted application, aka "Windows Kernel Information Disclosure Vulnerability."
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 9.10~dfsg-0ubuntu10.9 | 9.10~dfsg-0ubuntu10.9 |
| artifex | ghostscript | >= 0 < 9.18~dfsg~0-0ubuntu2.6 | 9.18~dfsg~0-0ubuntu2.6 |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
CVSS provenance
nvdv3.02.8LOWCVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv5.5MEDIUM
vendor_msrc3.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Kernel Information Disclosure Vulnerability
vendor_msrc·2016-07-12·CVSS 3.1
CVE-2016-3272 [LOW] Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle certain page fault system calls. An authenticated attacker who successfully exploited this vulnerability could disclose information from one process to another.
To exploit the vulnerability, an attacker would have to either log on locally to an affected system or convince a locally authenticated user to execute a specially crafted application.
The update addresses this vulnerability by correcting how the Windows kernel handles certain page fault system calls.
FAQ: I am running Windows Server 2012. Do I need to install the 3170377 and 3172727 updates in a particular order?
No. The 3170377 and 3172727 updates b
GHSA
GHSA-qv9v-mfxg-qrm3: The kernel in Microsoft Windows 8
ghsa_unreviewed·2022-05-14
CVE-2016-3272 [LOW] CWE-200 GHSA-qv9v-mfxg-qrm3: The kernel in Microsoft Windows 8
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted application, aka "Windows Kernel Information Disclosure Vulnerability."
OSV
ghostscript regression
osv·2017-05-16·CVSS 5.5
ghostscript regression
ghostscript regression
USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced
a regression when the DELAYBIND feature is used with the eqproc
command. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Ghostscript improperly handled parameters to
the rsdparams and eqproc commands. An attacker could use these to
craft a malicious document that could disable -dSAFER protections,
thereby allowing the execution of arbitrary code, or cause a denial
of service (application crash). (CVE-2017-8291)
Kamil Frankowicz discovered a use-after-free vulnerability in the
color management module of Ghostscript. An attacker could use this
to cause a denial of service (application crash). (CVE-2016-10217)
Kamil Frankowic
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday - July 2016
blogs_talos·2016-07-12·CVSS 8.8
[HIGH] Microsoft Patch Tuesday - July 2016
This post was authored by William Largent
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is has 11 bulletins addressing 49 vulnerabilities. 6 of these bulletins are rated critical and address vulnerabilities in Edge, Internet Explorer, JScript/VBScript, Print Spooler, Office and Adobe Flash Player. The remaining bulletins are rated important and address vulnerabilities in Windows Kernel, Office, Kernel-Mode Drivers, .NET Framework, and Secure Boot.
## Bulletins Rated Critical Microsoft bulletins MS16-084 through MS16-088, and MS16-093 are rated as critical in this month's release.
MS16-084 and MS16-085 are this month's Internet Explorer and Edge security bulletins respectively
Talos
Microsoft Patch Tuesday - July 2016
blogs_talos·2016-07-12·CVSS 8.8
[HIGH] Microsoft Patch Tuesday - July 2016
## Microsoft Patch Tuesday - July 2016
This post was authored by William Largent
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is has 11 bulletins addressing 49 vulnerabilities. 6 of these bulletins are rated critical and address vulnerabilities in Edge, Internet Explorer, JScript/VBScript, Print Spooler, Office and Adobe Flash Player. The remaining bulletins are rated important and address vulnerabilities in Windows Kernel, Office, Kernel-Mode Drivers, .NET Framework, and Secure Boot.
## Bulletins Rated Critical Microsoft bulletins MS16-084 through MS16-088, and MS16-093 are rated as critical in this month's release.
MS16-084 and MS16-085 are this month's Internet Explorer
http://www.securityfocus.com/bid/91603http://www.securitytracker.com/id/1036289https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-092http://www.securityfocus.com/bid/91603http://www.securitytracker.com/id/1036289https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-092
2016-07-13
Published