CVE-2016-3262

Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...

CVE-2016-3262

CVE-2016-3262 and CVE-2016-3263 describe a Graphics Device Interface (GDI+/GDI) information-disclosure problem in multiple Windows versions. The description specifies that remote attackers can bypass ASLR through unspecified vectors. Affected products include Windows Vista SP2, Windows Server 200...

MS16-120: Security Update for Microsoft Graphics Component (3192884)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple information disclosure vulnerabilities exist in the Windows GDI component due to improper handling of objects in memory. A local attacker can exploit these vulnerabilities, vi...

KLA10884 Code execution vulnerability in Microsoft Office

An improper RTF handling was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories CVE-2016-3263 CVE-2016-3209 CVE-2016-3262 CVE-2016-7182 CVE-2016-339...

Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3262)

An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the True Type Font TTF driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted EMF fil...