Lucene search
WanderingGlitch - Trend Micro Zero Day InitiativeZDI-16-507HistorySep 16, 2016 - 12:00 a.m.
Microsoft Windows NtGdiQueryFonts Information Disclosure Vulnerability
2016-09-1600:00:00
WanderingGlitch - Trend Micro Zero Day Initiative
www.zerodayinitiative.com
28
0.009 Low
EPSS
Percentile
82.4%
This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the NtGdiQueryFonts function. The issue lies in the failure to sanitize a buffer before returning its contents resulting in the leak of a kernel address. An attacker can leverage this vulnerability to leak sensitive information in the context of SYSTEM.
Related
symantec
symantec
cve
cve
CVE-2016-3354
2016-09-14 10:59:27
mscve
mscve
GDI+ Information Disclosure Vulnerability
2016-09-13 07:00:00
prion
prion
Information disclosure
2016-09-14 10:59:00
cvelist
cvelist
CVE-2016-3354
2016-09-14 10:00:00
nvd
nvd
CVE-2016-3354
2016-09-14 10:59:27
mskb
mskb
nessus
nessus
MS16-106: Security Update for Microsoft Graphics Component (3185848)
2016-09-13 00:00:00
openvas
openvas
Microsoft Graphics Component Multiple Vulnerabilities (3185848)
2016-09-14 00:00:00
kaspersky
kaspersky
KLA11907 Multiple vulnerabilities in Microsoft Products (ESU)
2016-09-13 00:00:00
KLA10870 Multiple vulnerabilities in Microsoft Windows
2016-09-13 00:00:00