CVE-2016-1715
Published on: 01/12/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:04 PM UTC
Certain versions of Application Control from Mcafee contain the following vulnerability:
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.
- CVE-2016-1715 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.6 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
LOCAL | HIGH | LOW | REQUIRED | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
CHANGED | LOW | LOW | HIGH |
CVSS2 Score: 5.5 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | MEDIUM | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Zero Day Initiative | www.zerodayinitiative.com text/html |
![]() |
McAfee KnowledgeBase - Intel Security - Security Bulletin: Application Control update fixes system crash caused by certain inputs to Application Control driver API on Windows 32-bit systems | Patch Vendor Advisory kc.mcafee.com text/html |
![]() |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Mcafee | Application Control | 6.1.0 | All | All | All |
Application | Mcafee | Application Control | 6.1.1 | All | All | All |
Application | Mcafee | Application Control | 6.1.2 | All | All | All |
Application | Mcafee | Application Control | 6.1.3 | All | All | All |
Application | Mcafee | Application Control | 6.2.0 | All | All | All |
Application | Mcafee | Application Control | 6.1.0 | All | All | All |
Application | Mcafee | Application Control | 6.1.1 | All | All | All |
Application | Mcafee | Application Control | 6.1.2 | All | All | All |
Application | Mcafee | Application Control | 6.1.3 | All | All | All |
Application | Mcafee | Application Control | 6.2.0 | All | All | All |
Operating System | Microsoft | Windows | All | All | All | All |
Operating System | Microsoft | Windows | All | All | All | All |
- cpe:2.3:a:mcafee:application_control:6.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.2:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.3:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.2:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.1.3:*:*:*:*:*:*:*:
- cpe:2.3:a:mcafee:application_control:6.2.0:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:x86:*:
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:x86:*:
No vendor comments have been submitted for this CVE