Lucene search
Giwan Go of STEALIENZDI-16-645HistoryDec 15, 2016 - 12:00 a.m.
Microsoft Windows Icon File Integer Overflow Remote Code Execution Vulnerability
2016-12-1500:00:00
Giwan Go of STEALIEN
www.zerodayinitiative.com
22
0.886 High
EPSS
Percentile
98.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file or folder. The specific flaw exists within the processing of icon files. The issue results from the lack of proper validation of user-supplied data which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Related
cve
cve
CVE-2016-7272
2016-12-20 06:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Graphics Remote Code Execution (MS16-146: CVE-2016-7272)
2016-12-13 00:00:00
nvd
nvd
CVE-2016-7272
2016-12-20 06:59:00
cvelist
cvelist
CVE-2016-7272
2016-12-20 05:54:00
mskb
mskb
symantec
symantec
prion
prion
Remote code execution
2016-12-20 06:59:00
mscve
mscve
Windows Graphics Component Remote Code Execution Vulnerability
2016-12-13 08:00:00
nessus
nessus
MS16-146: Security Update for Microsoft Graphics Component (3204066)
2016-12-13 00:00:00
openvas
openvas
Microsoft Graphics Component Multiple Vulnerabilities (3204066)
2016-12-14 00:00:00
kaspersky
kaspersky
KLA10922 Multiple vulnerabilities in Microsoft Windows
2016-12-13 00:00:00
KLA11904 Multiple vulnerabilities in Microsoft Products (ESU)
2016-12-13 00:00:00