Home

CVE-2016-0008

Description

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka Windows GDI32.dll ASLR Bypass Vulnerability.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
12.167

Associated Vulnerability

VulnerabilityOS Platform
Cumulative Update for Windows 10 for x64-based Systems (KB3124266)Windows
Cumulative Update for Windows 10 Version 1511 (KB3124263)Windows
Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124263)Windows
Security Update for Windows Vista (KB3124001)Windows
Security Update for Windows Server 2008 (KB3124001)Windows
Security Update for Windows 7 (KB3124001)Windows
Security Update for Windows 8 (KB3124001)Windows
Security Update for Windows 8.1 (KB3124001)Windows
Security Update for Windows Server 2008 R2 x64 Edition (KB3124001)Windows
Security Update for Windows Server 2008 x64 Edition (KB3124001)Windows
Security Update for Windows 7 for x64-based Systems (KB3124001)Windows
Security Update for Windows Vista for x64-based Systems (KB3124001)Windows
Security Update for Windows 8 for x64-based Systems (KB3124001)Windows
Security Update for Windows Server 2012 (KB3124001)Windows
Security Update for Windows 8.1 for x64-based Systems (KB3124001)Windows
Security Update for Windows Server 2012 R2 (KB3124001)Windows
Security Update for Windows Vista (KB3124000)Windows
Security Update for Windows Server 2008 (KB3124000)Windows
Security Update for Windows 7 (KB3124000)Windows
Security Update for Windows Vista for x64-based Systems (KB3124000)Windows
Security Update for Windows Server 2008 x64 Edition (KB3124000)Windows
Security Update for Windows 7 for x64-based Systems (KB3124000)Windows
Security Update for Windows Server 2008 R2 x64 Edition (KB3124000)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-19746Cumulative Update for Windows 10 for x64-based Systems (KB3124266)
PATCH-19747Cumulative Update for Windows 10 Version 1511 (KB3124263)
PATCH-19748Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124263)
PATCH-19809Security Update for Windows Vista (KB3124001)
PATCH-19810Security Update for Windows Server 2008 (KB3124001)
PATCH-19811Security Update for Windows 7 (KB3124001)
PATCH-19812Security Update for Windows 8 (KB3124001)
PATCH-19813Security Update for Windows 8.1 (KB3124001)
PATCH-19814Security Update for Windows Server 2008 R2 x64 Edition (KB3124001)
PATCH-19815Security Update for Windows Server 2008 x64 Edition (KB3124001)
PATCH-19816Security Update for Windows 7 for x64-based Systems (KB3124001)
PATCH-19817Security Update for Windows Vista for x64-based Systems (KB3124001)
PATCH-19818Security Update for Windows 8 for x64-based Systems (KB3124001)
PATCH-19819Security Update for Windows Server 2012 (KB3124001)
PATCH-19820Security Update for Windows 8.1 for x64-based Systems (KB3124001)
PATCH-19821Security Update for Windows Server 2012 R2 (KB3124001)
PATCH-19822Security Update for Windows Vista (KB3124000)
PATCH-19823Security Update for Windows Server 2008 (KB3124000)
PATCH-19824Security Update for Windows 7 (KB3124000)
PATCH-19825Security Update for Windows Vista for x64-based Systems (KB3124000)
PATCH-19826Security Update for Windows Server 2008 x64 Edition (KB3124000)
PATCH-19827Security Update for Windows 7 for x64-based Systems (KB3124000)
PATCH-19828Security Update for Windows Server 2008 R2 x64 Edition (KB3124000)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234