7.8

CVE-2016-0148

Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft.Net Framework Version4.6
Microsoft.Net Framework Version4.6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 13.92% 0.961
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/136671/.NET-Framework-4.6-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2016/Apr/42
Third Party Advisory
Mailing List
http://www.securityfocus.com/archive/1/538063/100/0/threaded
http://www.securitytracker.com/id/1035535
Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-16-234
Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-041