Information disclosure vulnerability in Windows Graphics Device Interface and Microsoft Products - CVE-2016-3209ID: oval:org.secpod.oval:def:37489 | Date: (C)2016-10-13 (M)2024-05-03 |
Class: VULNERABILITY | Family: windows |
The host is installed with Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Server 2012, Windows 8.1, Server 2012 R2, Windows 10, .net framework 3.0, 4.6, 4.5 SP2, 3.5.1, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft lync 2013, lync 2010, live meeting console 2007, Microsoft Office 2010, office 2007, word viewer or Microsoft silverlight 5 and is prone to an information disclosure vulnerability. A flaw is present in the Windows graphics device interface, which fails to properly handle objects in memory. An attacker who successfully exploited these vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows.
Platform: |
Microsoft Windows Server 2019 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Microsoft .NET Framework 4.5 SP2 |
Microsoft .NET Framework 4.6 |
Microsoft .NET Framework 3.0 |
Microsoft .NET Framework 3.5.1 |
Microsoft Lync 2010 |
Microsoft Lync Basic 2013 |
Microsoft Lync 2010 Attendee |
Microsoft live meeting 2007 |
Microsoft Office 2007 |
Microsoft Office 2010 |
Microsoft Word Viewer |
Microsoft Silverlight 5 |
Microsoft Skype For Business 2016 |
Microsoft Skype For Business Basic 2016 |