CVE-2016-3319Improper Access Control in Microsoft Windows 10

CWE-284Improper Access Control8 documents5 sources
Severity
7.0HIGHNVD
EPSS
37.2%
top 2.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
17
Microsoft Windows 10Microsoft Windows Server 2012Msrc Microsoft Edge ON Windows 10 FOR 32-bit Systems+14 more
Timeline
PublishedAug 9
Latest updateMay 14

Description

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages17 packages

🔴Vulnerability Details

1
GHSA
GHSA-4r3v-pq3f-grxr: The PDF library in Microsoft Windows 82022-05-14

📋Vendor Advisories

1
Microsoft
Windows PDF Remote Code Execution Vulnerability2016-08-09

🕵️Threat Intelligence

5
Talos
Vulnerability Spotlight: MS Edge/Windows PDF Library Arbitrary Code Execution Vulnerability Identified and Patched2016-08-10
Talos
Vulnerability Spotlight: MS Edge/Windows PDF Library Arbitrary Code Execution Vulnerability Identified and Patched2016-08-10
Talos
Microsoft Patch Tuesday - August 20162016-08-09
Talos
Microsoft Patch Tuesday - August 20162016-08-09
Zscaler
Zscaler found Multiple Security Vulnerabilities | 08-09-2016