CVE-2016-0100

EPSS 68.75%
Published 09.03.2016 11:59:10
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows Server 2008 Updatesp2

Microsoft ≫ Windows Vista Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	68.75%	0.986

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.4	2.5	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/83930

http://www.securitytracker.com/id/1035205

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-025

https://nvd.nist.gov/vuln/detail/CVE-2016-0100

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-0100

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-0100

EUVD