Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2016-3238
HistoryJul 12, 2016 - 7:00 a.m.

Windows Print Spooler Remote Code Execution Vulnerability

2016-07-1207:00:00
Microsoft
msrc.microsoft.com
14

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.141 Low

EPSS

Percentile

95.7%

JSON

A remote code execution vulnerability exists when the Windows Print Spooler service does not properly validate print drivers while installing a printer from servers. An attacker who successfully exploited this vulnerability could use it to execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To exploit this vulnerability, an attacker must be able to execute a man-in-the-middle (MiTM) attack on a workstation or print server or set up a rogue print server on a target network.

The update addresses the vulnerability by issuing a warning to users who attempt to install untrusted printer drivers.

Related

prion 1
cve 1
symantec 1
thn 1
mskb 11
openvas 1
threatpost 1
nessus 1
kaspersky 2
prion
prion
Remote code execution
2016-07-13 01:59:00
cve
cve
CVE-2016-3238
2016-07-13 01:59:00
symantec
symantec
Microsoft Windows Print Spooler CVE-2016-3238 Remote Code Execution Vulnerability
2016-07-12 00:00:00
thn
thn
Critical Print Spooler Bug allows Attackers to Hack any version of Microsoft Windows
2016-07-12 23:17:00
mskb
mskb
MS16-087: Security update for Windows print spooler components: July 12, 2016
2016-07-12 00:00:00
MS16-087: Description of the security update for Windows print spooler components: July 12, 2016
2016-07-12 07:00:00
September 12, 2017—KB4038779 (Security-only update)
2017-09-12 07:00:00
openvas
openvas
Microsoft Windows Print Spooler Components Multiple Vulnerabilities (3170005)
2016-07-13 00:00:00
threatpost
threatpost
July 2016 Microsoft Patch Tuesday Security Patches
2016-07-12 16:01:33
nessus
nessus
MS16-087: Security Update for Windows Print Spooler (3170005)
2016-07-12 00:00:00
kaspersky
kaspersky
KLA10840 Multiple vulnerabilities in Microsoft Windows
2016-07-12 00:00:00
KLA11909 Multiple vulnerabilities in Microsoft Products (ESU)
2016-07-12 00:00:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.141 Low

EPSS

Percentile

95.7%

JSON
Related for MS:CVE-2016-3238
prion1cve1symantec1thn1mskb11openvas1threatpost1nessus1kaspersky2