CVE Vulnerabilities

CVE-2016-3354

Published: Sep 14, 2016 | Modified: Oct 12, 2018
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the ASLR protection mechanism via a crafted application, aka GDI Information Disclosure Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_rt_8.1 Microsoft * *
Windows_server_2012 Microsoft r2 r2
Windows_7 Microsoft * *
Windows_10 Microsoft 1511 1511
Windows_10 Microsoft 1607 1607
Windows_8.1 Microsoft * *
Windows_server_2008 Microsoft r2 r2
Windows_vista Microsoft * *
Windows_server_2008 Microsoft * *
Windows_server_2012 Microsoft - -
Windows_10 Microsoft - -

References