PT-2016-7272 · Microsoft · Windows Server 2016+2

Published

2016-12-13

Updated

2018-10-12

CVE-2016-7258

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows 10 versions Gold, 1511, and 1607 Windows Server 2016

Description The issue allows local users to obtain sensitive information from arbitrary processes via a crafted application. It is related to the mishandling of page-fault system calls. A vulnerability exists that enables attackers to obtain sensitive information and affect the system.

Recommendations For Windows 10 versions Gold, 1511, and 1607, and Windows Server 2016, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-7258

Affected Products

Windows

Windows 10

Windows Server 2016

PT-2016-7272 · Microsoft · Windows Server 2016+2

CVE-2016-7258

Weakness Enumeration

Related Identifiers

Affected Products

References · 7