Описание
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities
- An improper requests handling at DNS servers can be exploited remotely via a specially designed requests to execute arbitrary code;
- Lack of restrictions during processing group policy updates can be exploited from intranet via man-in-the-middle attack to gain privileges;
- An improper memory objects handling can be exploited by logged in attacker to gain privileges;
- An improper uninitialized memory handling at Virtual Service Provider can be exploited by logged in attacker via a specially designed application to obtain sensitive information;
- An improper memory objects handling can be exploited remotely via a specially designed application to bypass Address Space Layout Randomization restrictions;
- An improper memory objects handling can be exploited locally via a specially designed application to gain privileges;
- An improper memory objects handling at Adobe Type Manager Font Driver can be exploited by logged in attacker via a specially designed application to gain privileges;
- An improper credentials forwarding at SMB can be exploited by logged in attacker via a specially designed application to gain privileges;
- An improper memory objects handling can be exploited by domain-authenticated attacker via a specially designed NetLogon request to gain privileges;
- Lack of proxy handling can be exploited remotely via a specially designed NetBIOS name requests manipulations to gain privileges;
- An improper proxy handling at WPAD can be exploited remotely to control traffic without sufficient privileges;
- An improper input sanitization at Windows Diagnostics Hub Standard Collector Service can be exploited by logged in attacker via a specially designed application to gain privileges;
- An improper .pdf files handling vulnerabilities can be exploited remotely via a specially designed pdf document to execute arbitrary code or obtain sensitive information;
- An improper machine accounts creation at Active Directory can be exploited by user with sufficient rights via machine accounts manipulation to cause denial of service.
Первичный источник обнаружения
- CVE-2016-3201
CVE-2016-3203
CVE-2016-3213
CVE-2016-3215
CVE-2016-3216
CVE-2016-3218
CVE-2016-3219
CVE-2016-3220
CVE-2016-3221
CVE-2016-3223
CVE-2016-3225
CVE-2016-3231
CVE-2016-3236
CVE-2016-3299
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2016-3215 high
- CVE-2016-3213 critical
- CVE-2016-3203 critical
- CVE-2016-3201 high
- CVE-2016-3220 critical
- CVE-2016-3219 critical
- CVE-2016-3218 critical
- CVE-2016-3216 warning
- CVE-2016-3299 high
- CVE-2016-3236 critical
- CVE-2016-3231 critical
- CVE-2016-3225 critical
- CVE-2016-3223 critical
- CVE-2016-3221 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!