Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvidiaNvidiaNVIDIA:4213
HistoryAug 19, 2016 - 12:00 a.m.

Security Bulletin: Multiple vulnerabilities affect Quadro, NVS, and GeForce Windows based systems

2016-08-1900:00:00
nvidia.custhelp.com
18

EPSS

0.004

Percentile

74.5%

JSON

Security Bulletin: Multiple vulnerabilities affect Quadro, NVS, and GeForce Windows based systems (CVE-2016-4959, CVE-2016-3161, CVE-2016-5852, CVE-2016-4960, CVE-2016-5025, CVE-2016-4961)

Vulnerability Details

CVE-2016-4959

Description: Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.

CVSS Base Score: 7.8

CVSS Temporal Score: 6.1

CVSS Environmental Score: [determined by user]

CVSS V2 Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)

CVE-2016-3161 and CVE-2016-5852

Description: GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level.

CVSS Base Score: 6.8

CVSS Temporal Score: 5

CVSS Environmental Score: [determined by user]

CVSS V2 Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

CVE-2016-4960

Description: The NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.

CVSS Base Score: 6.6

CVSS Temporal Score: 5.5

CVSS Environmental Score: [determined by user]

CVSS V2 Vector: (AV:L/AC:M/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2016-5025

Description: Improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

CVSS Base Score: 5.7

CVSS Temporal Score: 4.5

CVSS Environmental Score: [determined by user]

CVSS V2 Vector: (AV:L/AC:L/Au:S/C:P/I:P/A:C/E:POC/RL:OF/RC:C)

CVE-2016-4961

Description: Improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

CVSS Base Score: 4.6

CVSS Temporal Score: 3.8

CVSS Environmental Score: [determined by user]

CVSS V2 Vector: (AV:L/AC:L/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C)

NVIDIAโ€™s risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. We recommended consulting a local security or IT professional to evaluate the risk of your specific configuration. NVIDIA doesnโ€™t know of any exploits to these issues at this time.

Related

lenovo 4
nessus 1
cvelist 6
prion 6
cve 6
nvd 6
openvas 1
lenovo
lenovo
Denial of Service Vulnerabilities in NVidiaยฎ Drivers that affect Quadro, NVS and GeForce Windows-based Systems
2017-03-13 00:00:00
Denial of Service Vulnerabilities in NVidiaยฎ Drivers that affect Quadro, NVS and GeForce Windows-based Systems - Lenovo Support US
2017-03-13 00:00:00
NVIDIA Windows GPU Driver Privilege Escalation or Denial of Service - Lenovo Support US
2017-06-07 00:00:00
nessus
nessus
NVIDIA Graphics Driver 340.x < 341.96 / 352.x < 354.99 / 361.x < 362.77 / 367.x < 368.39 Multiple Vulnerabilities
2016-10-07 00:00:00
cvelist
cvelist
CVE-2016-4960
2016-11-08 20:37:00
CVE-2016-4961
2016-11-08 20:37:00
CVE-2016-4959
2016-11-08 20:37:00
prion
prion
Design/Logic Flaw
2016-11-08 20:59:00
Privilege escalation
2016-11-08 20:59:00
Null pointer dereference
2016-11-08 20:59:00
cve
cve
CVE-2016-4960
2016-11-08 20:59:02
CVE-2016-4961
2016-11-08 20:59:03
CVE-2016-4959
2016-11-08 20:59:01
nvd
nvd
CVE-2016-4959
2016-11-08 20:59:01
CVE-2016-4961
2016-11-08 20:59:03
CVE-2016-4960
2016-11-08 20:59:02
openvas
openvas
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00

EPSS

0.004

Percentile

74.5%

JSON
Related for NVIDIA:4213
lenovo4nessus1cvelist6prion6cve6nvd6openvas1