Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2016-0041 | First vendor Publication | 2016-02-10 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0041 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 2 | |
Os | 2 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-11-21 | Microsoft Office ociw32.dll dll-load exploit attempt RuleID : 44601 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office iasdatastore2.dll dll-load exploit attempt RuleID : 44600 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office oci.dll dll-load exploit attempt RuleID : 44599 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for ociw32.dll over SMB attempt RuleID : 44598 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for iasdatastore2.dll over SMB attempt RuleID : 44597 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for oci.dll over SMB attempt RuleID : 44596 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office hyperlink object out of bounds read attempt RuleID : 40941 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office hyperlink object out of bounds read attempt RuleID : 40940 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel hlink.dll string duplication input validation informat... RuleID : 37617 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel hlink.dll string duplication input validation informat... RuleID : 37616 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Internet Explorer StrCmpNICW string object use after free attempt RuleID : 37605 - Revision : 4 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer StrCmpNICW string object use after free attempt RuleID : 37604 - Revision : 4 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer IFRAME object constructor cross site scripting at... RuleID : 37603 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer IFRAME object constructor cross site scripting at... RuleID : 37602 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CTextBlock use-after-free attempt RuleID : 37597 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CTextBlock use-after-free attempt RuleID : 37596 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Office Word request for OLMAPI32.dll over SMB attempt RuleID : 37591 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Word request for BCSRuntime.dll over SMB attempt RuleID : 37590 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Word OLMAPI32.dll dll-load exploit attempt RuleID : 37589 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Word BCSRuntime.dll dll-load exploit attempt RuleID : 37588 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Edge SysFreeString double free attempt RuleID : 37582 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Edge SysFreeString double free attempt RuleID : 37581 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37574 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37573 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37572 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37571 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Windows WmipReceiveNotifications out of bounds write attempt RuleID : 37570 - Revision : 2 - Type : OS-WINDOWS |
2016-03-14 | Microsoft Windows WmipReceiveNotifications out of bounds write attempt RuleID : 37569 - Revision : 2 - Type : OS-WINDOWS |
2016-03-14 | Microsoft Windows WmipReceiveNotifications out of bounds write attempt RuleID : 37568 - Revision : 2 - Type : OS-WINDOWS |
2016-03-14 | Microsoft Windows WmipReceiveNotifications out of bounds write attempt RuleID : 37567 - Revision : 2 - Type : OS-WINDOWS |
2016-03-14 | Microsoft Office request for phoneinfo.dll over SMB attempt RuleID : 37558 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office request for msdaora.dll over SMB attempt RuleID : 37557 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office phoneinfo.dll dll-load exploit attempt RuleID : 37556 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office msdaora.dll dll-load exploit attempt RuleID : 37555 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Internet Explorer CDATA use-after-free attempt RuleID : 37554 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDATA use-after-free attempt RuleID : 37553 - Revision : 2 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-02-09 | Name : The remote host has a web browser installed that is affected by multiple vuln... File : smb_nt_ms16-009.nasl - Type : ACT_GATHER_INFO |
2016-02-09 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms16-014.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:35:59 |
|
2024-02-01 12:10:15 |
|
2023-09-05 12:34:15 |
|
2023-09-05 01:10:03 |
|
2023-09-02 12:34:06 |
|
2023-09-02 01:10:17 |
|
2023-08-12 12:37:05 |
|
2023-08-12 01:09:42 |
|
2023-08-11 12:32:10 |
|
2023-08-11 01:09:59 |
|
2023-08-06 12:31:13 |
|
2023-08-06 01:09:42 |
|
2023-08-04 12:31:20 |
|
2023-08-04 01:09:46 |
|
2023-07-14 12:31:21 |
|
2023-07-14 01:09:45 |
|
2023-03-29 01:33:05 |
|
2023-03-28 12:10:03 |
|
2022-12-03 12:25:43 |
|
2021-05-04 09:49:45 |
|
2021-04-22 01:53:50 |
|
2020-05-23 13:17:08 |
|
2020-05-23 00:48:10 |
|
2018-10-13 05:18:59 |
|
2016-12-06 09:24:21 |
|
2016-12-03 09:24:32 |
|
2016-08-12 21:24:20 |
|
2016-02-16 21:25:37 |
|
2016-02-10 17:24:59 |
|