GDI+ Remote Code Execution Vulnerability for Windows Server 2008 R2 x64 Edition (KB3145739)
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.73%
CVE Information
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
20369
Patch Description
Security Update for Windows Server 2008 R2 x64 Edition (KB3145739)
References
http://technet.microsoft.com/security/bulletin/MS16-039
http://www.securitytracker.com/id/1035528
http://www.securitytracker.com/id/1035529
http://www.securitytracker.com/id/1035530
http://www.securitytracker.com/id/1035531
http://www.securitytracker.com/id/1035532
https://www.exploit-db.com/exploits/39712/
https://www.exploit-db.com/exploits/39743/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0167
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0145
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0165