CVE-2016-7184

Loading...

General

Score:9.3/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2016-0026, CVE-2016-3263, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, CVE-2016-7195, CVE-2016-7196, CVE-2016-7198, CVE-2016-7199, CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7204, CVE-2016-7205, CVE-2016-7208, CVE-2016-7209, CVE-2016-7210, CVE-2016-7212, CVE-2016-7214, CVE-2016-7215, CVE-2016-7216, CVE-2016-7217, CVE-2016-7218, CVE-2016-7220, CVE-2016-7221, CVE-2016-7222, CVE-2016-7223, CVE-2016-7224, CVE-2016-7225, CVE-2016-7226, CVE-2016-7227, CVE-2016-7237, CVE-2016-7238, CVE-2016-7239, CVE-2016-7240, CVE-2016-7241, CVE-2016-7242, CVE-2016-7243, CVE-2016-7246, CVE-2016-7247, CVE-2016-7248, CVE-2016-7255, CVE-2016-7256

Published on 10/11/16 - Updated on 13/10/18

Description

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, and CVE-2016-3343.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2016-7184
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-374
Microsoft MS16-134
Microsoft CVE-2016-7184
Microsoft 3181707, 3197868, 3197874, 3197877, 3198585, 3198586, 3200970
Renater 2016/VULN378

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
microsoftwindows_10
microsoftwindows_7
microsoftwindows_8.1
microsoftwindows_rt_8.1
microsoftwindows_server_2008
microsoftwindows_server_2012
microsoftwindows_server_2016
microsoftwindows_vista

Share this vulnerability with:

Twitter Facebook LinkedIn Mail