Lucene search
AnonymousZDI-16-182HistoryMar 08, 2016 - 12:00 a.m.
Microsoft Windows OleLoadPicture Bitmap Heap Corruption Remote Code Execution Vulnerability
2016-03-0800:00:00
Anonymous
www.zerodayinitiative.com
18
0.92 High
EPSS
Percentile
98.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OleLoadPicture function. User-supplied data is used to calculate a buffer length for allocation, and if the image is a bitmap, the function can then write beyond the buffer boundary. An attacker can leverage this functionality to execute arbitrary code in the context of the user.
Related
symantec
symantec
Microsoft Windows OLE CVE-2016-0091 Remote Code Execution Vulnerability
2016-03-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows OLE Memory Remote Code Execution (MS16-030: CVE-2016-0091)
2016-03-08 00:00:00
cve
cve
CVE-2016-0092
2016-03-09 11:59:03
CVE-2016-0091
2016-03-09 11:59:02
nvd
nvd
CVE-2016-0091
2016-03-09 11:59:02
CVE-2016-0092
2016-03-09 11:59:03
openvas
openvas
Microsoft Windows OLE Remote Code Execution Vulnerabilities (3143136)
2016-03-09 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2016-0091
2016-03-09 11:00:00
CVE-2016-0092
2016-03-09 11:00:00
mskb
mskb
prion
prion
Remote code execution
2016-03-09 11:59:00
Remote code execution
2016-03-09 11:59:00
kaspersky
kaspersky
KLA10769 Multiple vulnerabilities in Microsoft Windows
2016-03-08 00:00:00