JSON View XML View

Key Value
MTID M113565
Title (MS16-102) Microsoft Windows PDF Library Remote Code Execution (3182248)
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

The flaw lies in the PDF Library component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-102

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 (KB3198585): KB3198585
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1607 (KB3200970): KB3200970

The patches for the following products are superseded by patches provided in: MS16-115
- Microsoft Windows 8.1: KB3184943
- Microsoft Windows 8.1 for x64-based Systems: KB3184943
- Microsoft Windows Server 2012: KB3184943
- Microsoft Windows Server 2012 R2: KB3184943

The patches for the following products are superseded by patches provided in: MS16-125
- Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798): KB3194798
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB3194798): KB3194798

https://technet.microsoft.com/library/security/MS16-142
https://technet.microsoft.com/library/security/MS16-115
https://technet.microsoft.com/library/security/MS16-125

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-3319
MSFTBulletinMS16-102
MSFTQNumber3182248
DISA IAVA2016-A-0206
MTIDM113565
CPEs
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
Created At 2016-08-09 00:00:00 UTC
Updated At 2016-11-19 10:30:57 UTC

Back