Sid 1-38771


    BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt


    Confidentiality Impact: PARTIAL Integrity Impact: NONE Availability Impact: NONE

Detailed Information:

    GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics Component Information Disclosure Vulnerability," a different vulnerability than CVE-2016-0169.

Affected Systems:

    microsoft windows server 2012 r2
    microsoft windows rt 8.1
    microsoft windows server 2012
    microsoft windows 10
    microsoft windows 8.1
    microsoft windows 7 sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows vista sp2
    microsoft windows 10 1511
    microsoft windows server 2008 sp2

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches


    No data available

Additional References:

  • 2016-0168
  • ###ms16-055