GDI+ Remote Code Execution Vulnerability for Microsoft .NET Framework 3.5 on Windows Server 2012 (KB3142043)
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.73%
CVE Information
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
20383
Patch Description
Security Update for Microsoft .NET Framework 3.5 on Windows Server 2012 (KB3142043)
References
http://technet.microsoft.com/security/bulletin/MS16-039
http://www.securitytracker.com/id/1035528
http://www.securitytracker.com/id/1035529
http://www.securitytracker.com/id/1035530
http://www.securitytracker.com/id/1035531
http://www.securitytracker.com/id/1035532
https://www.exploit-db.com/exploits/39712/
https://www.exploit-db.com/exploits/39743/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0145