CVE-2016-1715

Summary

CVE	CVE-2016-1715
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2016-01-12 20:59:00 UTC
Updated	2016-01-21 17:06:00 UTC
Description	The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.

Risk And Classification

Problem Types: CWE-189

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Mcafee	Application Control	6.1.0	All	All	All
Application	Mcafee	Application Control	6.1.1	All	All	All
Application	Mcafee	Application Control	6.1.2	All	All	All
Application	Mcafee	Application Control	6.1.3	All	All	All
Application	Mcafee	Application Control	6.2.0	All	All	All
Application	Mcafee	Application Control	6.1.0	All	All	All
Application	Mcafee	Application Control	6.1.1	All	All	All
Application	Mcafee	Application Control	6.1.2	All	All	All
Application	Mcafee	Application Control	6.1.3	All	All	All
Application	Mcafee	Application Control	6.2.0	All	All	All
Operating System	Microsoft	Windows	All	All	All	All
Operating System	Microsoft	Windows	All	All	All	All

References

Reference	Source	Link	Tags
Zero Day Initiative	MISC	www.zerodayinitiative.com
McAfee KnowledgeBase - Intel Security - Security Bulletin: Application Control update fixes system crash caused by certain inputs to Application Control driver API on Windows 32-bit systems	CONFIRM	kc.mcafee.com	Patch, Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.