CVE-2016-8823

{"id": "CVE-2016-8823", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2016-12-16T21:59:00.567", "references": [{"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4278", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "http://www.securityfocus.com/bid/94918", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@nvidia.com"}, {"url": "http://www.talosintelligence.com/reports/TALOS-2016-0217/", "source": "psirt@nvidia.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where the size of an input buffer is not validated leading to a denial of service or possible escalation of privileges"}, {"lang": "es", "value": "Todas las versiones de NVIDIA Windows GPU Display Driver contienen una vulnerabilidad en el controlador de la capa de modo kernel para DxgDdiEscape donde el tama\u00f1o de un b\u00fafer de entrada no se valida conduciendo a una denegaci\u00f3n de servicio o a una posible escalada de privilegios."}], "lastModified": "2016-12-24T02:59:44.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F6B8C06-F379-49FB-B0F2-097752154708"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}