CVE-2016-3334 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 10
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer22 documents4 sources
Severity
7.8HIGHNVD
EPSS
5.4%
top 9.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 10
Latest updateMay 14
Description
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3335, CVE-2016-3338, CVE-…
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages15 packages
🔴Vulnerability Details
10GHSA▶
GHSA-2c6j-3478-r358: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-14
GHSA▶
GHSA-6cfv-wpr6-mvfx: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-14
GHSA▶
GHSA-8p4p-fx87-xm7w: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-14
GHSA▶
GHSA-m6fw-q3rv-4rc5: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-14
GHSA▶
GHSA-72q2-hcpf-42xr: The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-14