Lucene search

[email protected]CVE-2016-0058

HistoryFeb 10, 2016 - 11:59 a.m.

CVE-2016-0058

2016-02-1011:59:21

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-0058

buffer overflow

microsoft

pdf library

windows 8.1

windows server 2012

windows 10

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.196 Low

EPSS

Percentile

96.3%

JSON

Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka “Microsoft PDF Library Buffer Overflow Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_10Match-

microsoftwindows_8.1Match-

microsoftwindows_server_2012Match-

microsoftwindows_server_2012Matchr2

CPENameOperatorVersion
microsoft:windows_10microsoft windows 10eq-
microsoft:windows_8.1microsoft windows 8.1eq-
microsoft:windows_server_2012microsoft windows server 2012eq-
microsoft:windows_server_2012microsoft windows server 2012eqr2

CPE	Name	Operator	Version
microsoft:windows_10	microsoft windows 10	eq	-
microsoft:windows_8.1	microsoft windows 8.1	eq	-
microsoft:windows_server_2012	microsoft windows server 2012	eq	-
microsoft:windows_server_2012	microsoft windows server 2012	eq	r2