CVE-2016-7217Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows 10

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
8.8HIGHNVD
EPSS
19.2%
top 4.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Microsoft Windows 10Microsoft Windows Server 2012Msrc Windows 10 FOR 32-bit Systems+11 more
Timeline
PublishedNov 10
Latest updateMay 14

Description

Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability."

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages14 packages

NVDmicrosoft/windows_101511, 1607+1

🔴Vulnerability Details

1
GHSA
GHSA-vwj2-w4wm-5hvh: Media Foundation in Microsoft Windows 82022-05-14

📋Vendor Advisories

1
Microsoft
Media Foundation Memory Corruption Vulnerability2016-11-08

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 11-08-2016