CVE-2016-3209

2016-10-14 04:59:07 2018-10-13 00:11:57

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; Live Meeting 2007 Console; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6; and Silverlight 5 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "True Type Font Parsing Information Disclosure Vulnerability."

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Microsoft Windows RT 8.1 Microsoft Windows 8.1 (not an official CPE) Microsoft Windows 7 - Sp1 (not an official CPE) Microsoft Windows 10 1511 (not an official CPE) Microsoft Windows 10 1607 (not an official CPE) Microsoft Windows 10 - (not an official CPE) Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Server 2012 Microsoft Windows server 2012 R2 (not an official CPE) Microsoft Windows Vista Service Pack 2

Microsoft - Windows rt 8.1 Microsoft - Windows 8.1 Microsoft - Windows 7 Microsoft - Windows 10 Microsoft - Word viewer Microsoft - Skype for business Microsoft - Office Microsoft - Silverlight Microsoft - Lync Microsoft - Live meeting Microsoft - .net framework Microsoft - Windows server 2008 Microsoft - Windows server 2012 Microsoft - Windows vista

Advisory	Patch	Confirmed	Link
			1036988
			MS16-120
			93385

CVE-2016-3209

2016-10-14 04:59:07 2018-10-13 00:11:57

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Information Exposure (ID 200)