CVE-2016-3309

Published: 09/08/2016 Updated: 12/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 726
CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.

Vulnerable Products

microsoft windows rt 8.1
microsoft windows server 2012 r2
microsoft windows 8.1
microsoft windows 7
microsoft windows 10
microsoft windows 10 1511
microsoft windows server 2012
microsoft windows vista
microsoft windows 10 1607
microsoft windows server 2008 r2
microsoft windows server 2008

Exploits

Sources: siberas.de/blog/2017/10/05/exploitation_case_study_wild_pool_overflow_CVE-2016-3309_reloaded.html, github.com/siberas/CVE-2016-3309_Reloaded. Exploits for the recently-patched win32kfull!bFill vulnerability. Executing the Palette or Bitmap exploit will give you SYSTEM privileges on the affected system. The exploits should wo ...

Github Repositories

Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques

Kernel Exploitation Case Study - "Wild" Pool Overflow on Win10 x64 RS2 (CVE-2016-3309 Reloaded). This GitHub repo contains exploits for the recently-patched win32kfull!bFill vulnerability. Executing the Palette or Bitmap exploit will give you SYSTEM privileges on the affected system. The exploits should work fine on Windows 10 x64 with Creators Update, build 15063.540.

Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell - Exploit for CVE-2021-40449 (Win32k - LPE). Description: CVE-2021-40449 is a use-after-free in Win32k that allows for local privilege escalation. The vulnerability was found in the wild by Kaspersky. The discovered exploit was written to support the following Windows products: Microsoft Windows Vista Micr

Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow

Exploiting MS16-098 RGNOBJ Integer Overflow on Windows 8.1 x64 bit by abusing GDI objects (CVE-2016-3309). For more details, please refer to the SensePost blog: www.sensepost.com/blog/2017/exploiting-ms16-098-rgnobj-integer-overflow-on-windows-81-x64-bit-by-abusing-gdi-objects/

OSCP Cheat Sheets - Windows Preparation for OSCP: gist.github.com/m8r0wn/b6654989035af20a1cb777b61fbc29bf, 0xsp.com/offensive/privilege-escalation-cheatsheet, pentesting.zeyu2001.com/proving-grounds/get-to-work/nickel, github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md \ http

Recent Articles

Microsoft Patch Tuesday bug harvest festival comes to town
The Register • Thomas Claburn in San Francisco • 12 Oct 2021

With 71 new CVEs, there are patches enough for everyone

Microsoft's October Patch Tuesday has arrived with fixes for 71 new CVEs, two patch revisions to address bugs from previous months that just won't die, and three CVEs tied to OpenSSL flaws. That's in addition to eight Edge-Chromium CVEs dealt with earlier this month. Two of the fresh bugs are rated Critical, 68 are designated Important, and one is rated Low severity. Four among the overall October harvest have been publicly disclosed, including one from July, an Azure AD security feature bypass ...