PT-2016-1998 · Microsoft · Windows Vista+6
Publicado
2016-05-10
·
Atualizado
2018-10-12
·
CVE-2016-0182
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Windows Journal versions in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511
Description
The issue is related to insufficient access control in the Windows Journal component, allowing remote attackers to execute arbitrary code by using a specially crafted Journal file. This can affect the system, enabling the execution of arbitrary code.
Recommendations
For Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511, consider restricting access to the Journal component until a patch is available.
As a temporary workaround, avoid using the Windows Journal component to open specially crafted Journal files until the issue is resolved.
Correção
RCE
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Windows
Windows 10
Windows 7
Windows 8.1
Windows Journal
Windows Rt 8.1
Windows Vista