CVE-2016-0152

Description

Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka Windows DLL Loading Remote Code Execution Vulnerability.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

5.015

Associated Vulnerability

Vulnerability	OS Platform
Windows DLL Loading Remote Code Execution Vulnerability for Windows Server 2008 x64 Edition (KB3141083)	Windows
Windows DLL Loading Remote Code Execution Vulnerability for Windows Server 2008 (KB3141083)	Windows
Windows DLL Loading Remote Code Execution Vulnerability for Windows Vista for x64-based Systems (KB3141083)	Windows
Windows DLL Loading Remote Code Execution Vulnerability for Windows Vista (KB3141083)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-20596	Security Update for Windows Server 2008 x64 Edition (KB3141083)
PATCH-20594	Security Update for Windows Server 2008 (KB3141083)
PATCH-20595	Security Update for Windows Vista for x64-based Systems (KB3141083)
PATCH-20593	Security Update for Windows Vista (KB3141083)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234