Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310808647
HistoryAug 10, 2016 - 12:00 a.m.

Microsoft Windows PDF Library Remote Code Execution Vulnerability (3182248)

2016-08-1000:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
19

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.526 Medium

EPSS

Percentile

97.6%

JSON

This host is missing an important security
update according to Microsoft Bulletin MS16-102

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.808647");
  script_version("2023-07-20T05:05:17+0000");
  script_cve_id("CVE-2016-3319");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-20 05:05:17 +0000 (Thu, 20 Jul 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2018-10-12 22:12:00 +0000 (Fri, 12 Oct 2018)");
  script_tag(name:"creation_date", value:"2016-08-10 09:19:34 +0530 (Wed, 10 Aug 2016)");
  script_name("Microsoft Windows PDF Library Remote Code Execution Vulnerability (3182248)");

  script_tag(name:"summary", value:"This host is missing an important security
  update according to Microsoft Bulletin MS16-102");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw is due to Windows PDF Library
  improperly handles objects in memory.");

  script_tag(name:"impact", value:"Successful exploitation will allow a
  remote attacker to execute arbitrary code in the context of the current user.");

  script_tag(name:"affected", value:"- Microsoft Windows 8.1 x32/x64

  - Microsoft Windows Server 2012/2012R2

  - Microsoft Windows 10 x32/x64

  - Microsoft Windows 10 Version 1511 x32/x64");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"executable_version");

  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3182248");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/library/security/ms16-102");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("smb_reg_service_pack.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("SMB/WindowsVersion");
  script_xref(name:"URL", value:"https://technet.microsoft.com/library/security/MS16-102");
  exit(0);
}


include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if(hotfix_check_sp(win2012:1, win2012R2:1, win8_1:1, win8_1x64:1,
                   win10:1, win10x64:1) <= 0){
  exit(0);
}

sysPath = smb_get_systemroot();
if(!sysPath ){
  exit(0);
}

dllVer1 = fetch_file_version(sysPath:sysPath, file_name:"System32\Glcndfilter.dll");
dllVer2 = fetch_file_version(sysPath:sysPath, file_name:"System32\Windows.data.pdf.dll");
if(!dllVer1 && !dllVer2){
  exit(0);
}

if(hotfix_check_sp(win2012:1) > 0)
{
  if(version_is_less(version:dllVer1, test_version:"6.2.9200.21924"))
  {
     Vulnerable_range = "Less than 6.2.9200.21924";
     VULN1 = TRUE ;
  }
}

else if(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) > 0)
{
  if(version_is_less(version:dllVer1, test_version:"6.3.9600.18403"))
  {
    Vulnerable_range = "Less than 6.3.9600.18403";
    VULN1 = TRUE ;
  }
}

else if(hotfix_check_sp(win10:1, win10x64:1) > 0 && dllVer2)
{
  if(version_is_less(version:dllVer2, test_version:"10.0.10240.17071"))
  {
    Vulnerable_range = "Less than 10.0.10240.17071";
    VULN2 = TRUE ;
  }
  else if(version_in_range(version:dllVer2, test_version:"10.0.10586.0", test_version2:"10.0.10586.544"))
  {
    Vulnerable_range = "10.0.10586.0 - 10.0.10586.544";
    VULN2 = TRUE ;
  }
}

if(VULN2)
{
  report = 'File checked:     ' + sysPath + "\system32\windows.data.pdf.dll"+ '\n' +
           'File version:     ' + dllVer2  + '\n' +
           'Vulnerable range: ' + Vulnerable_range + '\n' ;
  security_message(data:report);
  exit(0);
}

if(VULN1)
{
  report = 'File checked:     ' + sysPath + "\system32\Glcndfilter.dll" + '\n' +
           'File version:     ' + dllVer1  + '\n' +
           'Vulnerable range: ' + Vulnerable_range + '\n' ;
  security_message(data:report);
  exit(0);
}

Related

nessus 2
prion 1
mskb 6
mscve 1
symantec 1
cve 1
seebug 1
thn 1
talos 1
checkpoint_advisories 1
threatpost 1
openvas 1
kaspersky 2
nessus
nessus
MS16-102: Security Update for Microsoft Windows PDF Library (3182248)
2016-08-09 00:00:00
MS16-096: Cumulative Security Update for Microsoft Edge (3177358)
2016-08-09 00:00:00
prion
prion
Remote code execution
2016-08-09 21:59:00
mskb
mskb
MS16-102: Description of the security update for Microsoft Windows PDF library: August 9, 2016
2016-08-09 07:00:00
MS16-102: Security update for Microsoft Windows PDF library: August 9, 2016
2016-08-09 00:00:00
MS16-096: Cumulative security update for Microsoft Edge: August 9, 2016
2016-08-09 00:00:00
mscve
mscve
Windows PDF Remote Code Execution Vulnerability
2016-08-09 07:00:00
symantec
symantec
Microsoft Windows and Edge CVE-2016-3319 Remote Code Execution Vulnerability
2016-08-09 00:00:00
cve
cve
CVE-2016-3319
2016-08-09 21:59:00
seebug
seebug
Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability(CVE-2016-3319)
2017-10-13 00:00:00
thn
thn
Microsoft Releases 9 Security Updates to Patch 34 Vulnerabilities
2016-08-09 21:38:00
talos
talos
Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability
2016-08-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Edge PDF Remote Code Execution (MS16-096: CVE-2016-3319; CVE-2017-0291)
2016-08-09 00:00:00
threatpost
threatpost
August 2016 Microsoft Patch Tuesday Security Bulletins
2016-08-09 14:59:55
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (3177358)
2016-08-10 00:00:00
kaspersky
kaspersky
KLA10858 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
2016-08-09 00:00:00
KLA10856 Multiple vulnerabilities in Microsoft Windows
2016-08-09 00:00:00

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.526 Medium

EPSS

Percentile

97.6%

JSON
Related for OPENVAS:1361412562310808647
nessus2prion1mskb6mscve1symantec1cve1seebug1thn1talos1checkpoint_advisories1threatpost1openvas1kaspersky2