Lucene search

K
cve[email protected]CVE-2016-7255
HistoryNov 10, 2016 - 7:00 a.m.

CVE-2016-7255

2016-11-1007:00:09
CWE-264
web.nvd.nist.gov
912
In Wild
windows
vista
server
privilege escalation
vulnerability
cve-2016-7255
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.5%

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka “Win32k Elevation of Privilege Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_10Match-
OR
microsoftwindows_10Match1511
OR
microsoftwindows_10Match1607
OR
microsoftwindows_7sp1
OR
microsoftwindows_8.1
OR
microsoftwindows_rt_8.1
OR
microsoftwindows_server_2008sp2
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016
OR
microsoftwindows_vistasp2

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.5%