Lucene search

[email protected]CVE-2016-3161

HistoryNov 08, 2016 - 8:59 p.m.

CVE-2016-3161

2016-11-0820:59:00

[email protected]

web.nvd.nist.gov

cve-2016-3161

nvidia quadro

nvs

geforce

unquoted service path

vulnerability

gfe gamestream

nvtray plugin

windows

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.0%

JSON

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.

Affected configurations

NVD

Node

nvidiageforce_experienceRange≤-

AND

nvidiageforce_910mMatch-

nvidiageforce_920mMatch-

nvidiageforce_920mxMatch-

nvidiageforce_930mMatch-

nvidiageforce_930mxMatch-

nvidiageforce_940mMatch-

nvidiageforce_940mxMatch-

nvidiageforce_945mMatch-

nvidiageforce_gt_710Match-

nvidiageforce_gt_730Match-

nvidiageforce_gtx_1050Match-

nvidiageforce_gtx_1060Match-

nvidiageforce_gtx_1070Match-

nvidiageforce_gtx_1080Match-

nvidiageforce_gtx_950mMatch-

nvidiageforce_gtx_960mMatch-

nvidiageforce_gtx_965mMatch-

nvidianvs_310Match-

nvidianvs_315Match-

nvidianvs_510Match-

nvidianvs_810Match-

nvidiaquadro_k1200Match-

nvidiaquadro_k420Match-

nvidiaquadro_k620Match-

nvidiaquadro_m1000mMatch-

nvidiaquadro_m2000Match-

nvidiaquadro_m2000mMatch-

nvidiaquadro_m3000mMatch-

nvidiaquadro_m4000Match-

nvidiaquadro_m4000mMatch-

nvidiaquadro_m5000Match-

nvidiaquadro_m5000mMatch-

nvidiaquadro_m500mMatch-

nvidiaquadro_m5500Match-

nvidiaquadro_m6000Match-

nvidiaquadro_m600mMatch-

nvidiaquadro_p5000Match-

nvidiaquadro_p6000Match-

nvidiatitan_xMatch-

CPENameOperatorVersion
nvidia:geforce_experiencenvidia geforce experiencele-

CPE	Name	Operator	Version
nvidia:geforce_experience	nvidia geforce experience	le	-

CNA Affected

[
  {
    "product": "Quadro, NVS, GeForce (all versions)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Quadro, NVS, GeForce (all versions)"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/4213

www.securityfocus.com/bid/93251

support.lenovo.com/us/en/product_security/ps500070

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.0%

JSON

Related for CVE-2016-3161

prion1 cvelist1 nvd1 lenovo4 nvidia1 nessus1 openvas1