CVE-2016-3396

Published: 14/10/2016 Updated: 12/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote malicious users to execute arbitrary code via a crafted embedded font, aka "GDI+ Remote Code Execution Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft word viewer -
microsoft live meeting 2007
microsoft windows server 2012 r2
microsoft lync 2010
microsoft office 2007
microsoft windows 10 1511
microsoft windows 10 1607
microsoft office 2010
microsoft windows 8.1
microsoft windows server 2008 -
microsoft lync 2013
microsoft skype for business 2016
microsoft windows server 2008 r2
microsoft windows 7 -
microsoft windows rt 8.1 -
microsoft windows vista -
microsoft windows server 2012 -
microsoft windows 10 -

CWE-264 http://www.securityfocus.com/bid/93380 http://www.securitytracker.com/id/1036988 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3396

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect