CVE-2016-3238

Published: 13/07/2016 Updated: 12/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle malicious users to execute arbitrary code by providing a crafted print driver during printer installation, aka "Windows Print Spooler Remote Code Execution Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2012 r2
microsoft windows 7
microsoft windows 10 1511
microsoft windows 8.1
microsoft windows server 2008 r2
microsoft windows rt 8.1 -
microsoft windows vista
microsoft windows server 2008
microsoft windows server 2012 -
microsoft windows 10 -

It's 2016 and Windows lets crims poison your printer drivers

The Register • Darren Pauli • 13 Jul 2016

One of the messes munched this Patch Tuesday is very nasty, for you and Redmond

Among the Microsoft messes addressed in latest round of Patch Tuesday updates is a real doozy that allows remote attackers to compromise Windows machines thanks to a critical security vulnerability affecting printer drivers. The flaw is found in all desktop Windows since Vista and Windows Server since 2008 and means malvertising or malicious or hacked sites could quietly deliver malicious printer drivers. That attack is possible because malicious code can be injected into a printer spooler servi...

CVE-2016-3238

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect