Lucene search
AnonymousZDI-16-181HistoryMar 08, 2016 - 12:00 a.m.
Microsoft Windows OleLoadPicture Heap Corruption Remote Code Execution Vulnerability
2016-03-0800:00:00
Anonymous
www.zerodayinitiative.com
23
0.92 High
EPSS
Percentile
98.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OleLoadPicture function. User-supplied data is used to calculate a buffer length for allocation and the function can then write beyond the buffer boundary. An attacker can leverage this functionality to execute arbitrary code in the context of the user.
Related
checkpoint_advisories
checkpoint_advisories
Microsoft Windows OLE Memory Remote Code Execution (MS16-030: CVE-2016-0092)
2016-03-08 00:00:00
symantec
symantec
Microsoft Windows OLE CVE-2016-0092 Remote Code Execution Vulnerability
2016-03-08 00:00:00
cve
cve
CVE-2016-0091
2016-03-09 11:59:02
CVE-2016-0092
2016-03-09 11:59:03
openvas
openvas
Microsoft Windows OLE Remote Code Execution Vulnerabilities (3143136)
2016-03-09 00:00:00
nvd
nvd
CVE-2016-0091
2016-03-09 11:59:02
CVE-2016-0092
2016-03-09 11:59:03
nessus
nessus
cvelist
cvelist
CVE-2016-0091
2016-03-09 11:00:00
CVE-2016-0092
2016-03-09 11:00:00
mskb
mskb
prion
prion
Remote code execution
2016-03-09 11:59:00
Remote code execution
2016-03-09 11:59:00
kaspersky
kaspersky
KLA10769 Multiple vulnerabilities in Microsoft Windows
2016-03-08 00:00:00