Published: 08/11/2016 Updated: 03/09/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nvidia geforce_experience

Source: bugschromiumorg/p/project-zero/issues/detail?id=918 The NvStreamKmssys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation notification routine In this particular routine, if ( cur->image_names_count > 0 ) { // info_ is the PPS_CREATE_NOTIFY_INFO that is passed to the routine image_filename ...

CWE-119 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93986 https://www.exploit-db.com/exploits/40660/https://nvd.nist.gov https://www.exploit-db.com/exploits/40660/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-8812

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect