CVE-2016-3232

medium

Description

The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-073

http://www.securitytracker.com/id/1036109

Details

Source: Mitre, NVD

Published: 2016-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Severity: Medium