CVE-2016-0073

medium

Description

The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0075.

References

https://www.exploit-db.com/exploits/40574/

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-124

http://www.securityfocus.com/bid/93355

Details

Source: Mitre, NVD

Published: 2016-10-14

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Severity: Medium