admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2016/CVE-2016-33xx/CVE-2016-3374.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

181 lines
6.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2016-3374",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-09-14T10:59:49.343",
"lastModified": "2024-11-21T02:49:53.143",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka \"PDF Library Information Disclosure Vulnerability,\" a different vulnerability than CVE-2016-3370."
},
{
"lang": "es",
"value": "La librer\u00eda PDF en Microsoft Edge, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold, 1511 y 1607 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un sitio web manipulado, vulnerabilidad tambi\u00e9n conocida como \"PDF Library Information Disclosure Vulnerability\", una vulnerabilidad diferente a CVE-2016-3370."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77D197D7-57FB-4898-8C70-B19D5F0D5BE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "197E82CB-81AF-40F1-A55C-7B596891A783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
}
],
"references": [
{
"url": "http://blog.malerisch.net/2016/09/microsoft--out-of-bounds-read-pdf-library-cve-2016-3374.html",
"source": "secure@microsoft.com"
},
{
"url": "http://srcincite.io/advisories/src-2016-39/",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securityfocus.com/bid/92838",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securitytracker.com/id/1036789",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-115",
"source": "secure@microsoft.com"
},
{
"url": "http://blog.malerisch.net/2016/09/microsoft--out-of-bounds-read-pdf-library-cve-2016-3374.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://srcincite.io/advisories/src-2016-39/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/92838",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id/1036789",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-115",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink