Think you have a false positive on this rule?

Sid 1-38078

Message

BROWSER-IE Microsoft Edge CPostScriptEvaluator out of bounds read attempt

Summary

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."

Impact

CVSS base score 7.8 CVSS impact score 5.9 CVSS exploitability score 1.8 confidentialityImpact HIGH integrityImpact HIGH availabilityImpact HIGH

CVE-2016-0117:

CVSS base score 7.8

CVSS impact score 5.9

CVSS exploitability score 1.8

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2016-0117: The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."

Affected systems

  • microsoft windows_10 -
  • microsoft windows_10 1511
  • microsoft windows_8.1 *
  • microsoft windowsrt8.1 *
  • microsoft windowsserver2012 -
  • microsoft windowsserver2012 r2

Ease of attack

CVE-2016-0117:

Access Vector

Access Complexity

Authentication

False positives

None known

False negatives

None known

Corrective action

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • technet.microsoft.com/en-us/security/bulletin/MS16-028