GDI+ Remote Code Execution Vulnerability for Microsoft .NET Framework 4.5.2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB3189039) x86 based systems
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
40.834%
CVE Information
Source CVE
CVE-2016-3393
Associated CVE
CVE-2016-3393
CVE-2016-7182
CVE-2016-3209
CVE-2016-3396
CVE-2016-3270
CVE-2016-3262
CVE-2016-3263
CVE-2016-3393
Associated CVE
CVE-2016-3393
CVE-2016-7182
CVE-2016-3209
CVE-2016-3396
CVE-2016-3270
CVE-2016-3262
CVE-2016-3263
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
21551
Patch Description
Security Update for Microsoft .NET Framework 4.5.2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB3189039)
References
http://technet.microsoft.com/security/bulletin/MS16-120
http://www.securityfocus.com/bid/93377
http://www.securityfocus.com/bid/93380
http://www.securityfocus.com/bid/93385
http://www.securityfocus.com/bid/93390
http://www.securityfocus.com/bid/93394
http://www.securityfocus.com/bid/93395
http://www.securityfocus.com/bid/93403
http://www.securitytracker.com/id/1036988
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3209