Information Disclosure in Microsoft Windows by Bowser.sys Driver
CVE-2016-7218

4.7MEDIUM

Key Information:

Vendor

Microsoft
Status
Windows Rt 8.1
Windows Server 2012
Windows 7
Windows 10
Vendor
CVE Published:
10 November 2016

What is CVE-2016-7218?

The Bowser.sys driver in Microsoft Windows allows local users to access sensitive information due to a flaw in the handling of requests. This vulnerability affects multiple Windows versions, including Vista, Server 2008, Windows 7, and onward to Server 2016, enabling crafted applications to exploit the system. Users should prioritize patching to protect against potential information exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/94004
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037251
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.