History: Nov 10, 2016 - 2:00 a.m.

Immunity Canvas: MS16_135

2016-11-10 02:00:09
Immunity Canvas
exploitlist.immunityinc.com

CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.01 Low
Percentile: 81.5%

Name ms16_135
CVE CVE-2016-0099 Exploit Pack
VENDOR: Microsoft
Notes:
The vulnerable (and now patched) function is actually xxxNextWindow(), but since
Google mentioned SetWindowLongPtr() in their release, we use that name here.

Older systems are definitely vulnerable, but we have developed/tested on Win10 Anniversary Update for now.

Repeatability: Infinite
References: ['https://technet.microsoft.com/en-us/library/security/ms16-135.aspx', 'https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html', 'http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7255']
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7255
