NVIDIA Graphics Driver 340.x < 341.95 / 352.x < 354.74 Multiple Vulnerabilities

High Nessus Plugin ID 90119


The remote Windows host is affected by multiple vulnerabilities.


The version of the NVIDIA graphics driver installed on the remote Windows host is 340.x prior to 341.95 or 352.x prior to 354.74. It is, therefore, affected by multiple vulnerabilities :

- A privilege escalation vulnerability exists due to a kernel driver escape. A local attacker can exploit this to gain unauthorized access to restricted functionality, potentially allowing the execution of arbitrary code.

- An information disclosure vulnerability exists due to an out-of-bounds read error. A local attacker can exploit this to read arbitrary information from memory.

- An unspecified untrusted pointer flaw exists that allows a local attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-2558)


Upgrade to video driver version 341.95 / 354.74 or later.

See Also







Plugin Details

Severity: High

ID: 90119

File Name: nvidia_win_cve_2016_2556.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2016/03/23

Modified: 2016/10/10

Dependencies: 72482

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:nvidia:gpu_driver

Required KB Items: WMI/DisplayDrivers/NVIDIA, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/03/16

Vulnerability Publication Date: 2016/03/14

Reference Information

CVE: CVE-2016-2556, CVE-2016-2557, CVE-2016-2558

OSVDB: 135949, 135950, 135951