Vulnerabilites related to nvidia - geforce_940m
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 03:00
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
                     versionEndIncluding: "-",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 before 342.00, R367 before 369.59, and R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x7000014 donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios.",
      },
   ],
   id: "CVE-2016-8812",
   lastModified: "2024-11-21T03:00:08.290",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:25.850",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93986",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://www.exploit-db.com/exploits/40660/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93986",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.exploit-db.com/exploits/40660/",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:55
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
                     versionEndIncluding: "-",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutar en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-5852 es para la ruta de servicio no citada NVTray Plugin.",
      },
   ],
   evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>",
   id: "CVE-2016-5852",
   lastModified: "2024-11-21T02:55:08.420",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:05.787",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC",
                     versionEndExcluding: "341.96",
                     versionStartIncluding: "340",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610",
                     versionEndExcluding: "354.99",
                     versionStartIncluding: "352.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51",
                     versionEndExcluding: "362.77",
                     versionStartIncluding: "361",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2",
                     versionEndExcluding: "368.39",
                     versionStartIncluding: "367",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegación de servicio Remote Desktop. Una explotación exitosa de la vulnerabilidad del sistema tendría como resultado en un a referencia a puntero nulo del kernel, causando una caída de pantalla azul.",
      },
   ],
   id: "CVE-2016-4959",
   lastModified: "2024-11-21T02:53:18.320",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:01.397",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93256",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93256",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DC7A2F9-5F65-4203-B171-6109E61B5F2D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys está validando incorrectamente los datos suministrados por el usuario a través de sus puntos de entrada de la API lo que causa una elevación de privilegios.",
      },
   ],
   id: "CVE-2016-4960",
   lastModified: "2024-11-21T02:53:18.470",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.9,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.4,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.3,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:02.567",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:49
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
                     versionEndIncluding: "-",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutarse en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-3161 es para la ruta de servicio no citada GameStream.",
      },
   ],
   evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>",
   id: "CVE-2016-3161",
   lastModified: "2024-11-21T02:49:30.140",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:00.177",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:57
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:304.131:*:*:*:*:*:*:*",
                     matchCriteriaId: "D39139B8-5709-4C8B-BEE8-CD4B70A4674E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:340.98:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABF20C2-69A3-4D04-970D-E88E0020DAD2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:361.93.02:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4D2D3FF-A8F2-4279-96FC-26128A0437E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:367.44:*:*:*:*:*:*:*",
                     matchCriteriaId: "2071AAEF-A450-4093-BFE9-BCC4055F23EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:367.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A2C1B6C-EEB7-4DA8-B638-CD47789DDB76",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:370.23:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC1FFE9B-3EE1-4450-BECB-B1FE91FF3F06",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:telsa_k80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DD67F88-6887-40E1-8484-27D3A9900150",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_c2050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8BE0940-95D9-4EA3-B66B-471D87770679",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_c2070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DED2E138-85AB-4C3D-A2EE-2A82F5309932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_c2075:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C2F6A51-E52E-424C-82AD-2276CEDAD23B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "824DB61D-A2BC-4E8D-B8BF-C3340A62345C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6778EBC-CF3C-48A4-9F6A-037BA4B2A3EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k20x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "011ACD20-C0D6-4E19-AE60-50A4A155C925",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "65E7F28C-8B7B-416A-88CC-970F5EBE36C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k8:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D16D559F-83A8-42CE-A22D-A6519C3F6F61",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_k80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD76737-522F-451E-8B93-B490C23E0517",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D69A7BF-4C1C-4A5A-BB98-1498BFE52B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F2544F6-397B-4B24-9809-B335481E43E4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m2075:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47DFFCDD-1839-4613-AEA8-6AAD1E7B4DA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80733A92-049A-480D-A29B-0E0CD789093F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS, GeForce y Tesla, NVIDIA GPU Display Driver contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys para Windows o nvidia.ko para Linux) donde una verificación de permisos perdida podría permitir a usuarios obtener acceso a memoria física arbitraria, conduciendo a una escalada de privilegios.",
      },
   ],
   id: "CVE-2016-7382",
   lastModified: "2024-11-21T02:57:53.277",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:07.943",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/94177",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://support.lenovo.com/us/en/solutions/LEN-10822",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/94177",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.lenovo.com/us/en/solutions/LEN-10822",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-275",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC",
                     versionEndExcluding: "341.96",
                     versionStartIncluding: "340",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610",
                     versionEndExcluding: "354.99",
                     versionStartIncluding: "352.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51",
                     versionEndExcluding: "362.77",
                     versionStartIncluding: "361",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2",
                     versionEndExcluding: "368.39",
                     versionStartIncluding: "367",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los párametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores gráficos de NVIDIA Windows.",
      },
   ],
   id: "CVE-2016-5025",
   lastModified: "2024-11-21T02:53:28.603",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 8.5,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 4.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:04.630",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "psirt@nvidia.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
                     versionEndIncluding: "-",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
      },
      {
         lang: "es",
         value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los parámetros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores de gráficos de NVIDIA Windows.",
      },
   ],
   id: "CVE-2016-4961",
   lastModified: "2024-11-21T02:53:18.593",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 4.9,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-11-08T20:59:03.583",
   references: [
      {
         source: "psirt@nvidia.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "psirt@nvidia.com",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "psirt@nvidia.com",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/93251",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.lenovo.com/us/en/product_security/ps500070",
      },
   ],
   sourceIdentifier: "psirt@nvidia.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2016-3161
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-05 23:47
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T23:47:57.469Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
               {
                  name: "93251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93251",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Escalation of Privileges",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
            {
               name: "93251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93251",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-3161",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Escalation of Privileges",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
                  {
                     name: "93251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93251",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-3161",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-03-15T00:00:00",
      dateUpdated: "2024-08-05T23:47:57.469Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5025
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:40.221Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
               {
                  name: "93251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93251",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
            {
               name: "93251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93251",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-5025",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Denial of Service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
                  {
                     name: "93251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93251",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-5025",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-05-24T00:00:00",
      dateUpdated: "2024-08-06T00:46:40.221Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4959
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:39.859Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
               },
               {
                  name: "93256",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93256",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
            },
            {
               name: "93256",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93256",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-4959",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Denial of Service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
                     refsource: "MISC",
                     url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
                  },
                  {
                     name: "93256",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93256",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-4959",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-05-23T00:00:00",
      dateUpdated: "2024-08-06T00:46:39.859Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5852
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:15
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:15:10.785Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
               {
                  name: "93251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93251",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Escalation of Privileges",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
            {
               name: "93251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93251",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-5852",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Escalation of Privileges",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
                  {
                     name: "93251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93251",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-5852",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-06-28T00:00:00",
      dateUpdated: "2024-08-06T01:15:10.785Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4961
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:39.870Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
               {
                  name: "93251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93251",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
            {
               name: "93251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93251",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-4961",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Denial of Service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
                  {
                     name: "93251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93251",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-4961",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-05-23T00:00:00",
      dateUpdated: "2024-08-06T00:46:39.870Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-8812
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 02:35
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
http://www.securityfocus.com/bid/93986vdb-entry, x_refsource_BID
https://www.exploit-db.com/exploits/40660/exploit, x_refsource_EXPLOIT-DB
http://nvidia.custhelp.com/app/answers/detail/a_id/4247x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Quadro, NVS, and GeForce (all versions) Version: Quadro, NVS, and GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:35:01.168Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "93986",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93986",
               },
               {
                  name: "40660",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/40660/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, and GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, and GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-02T09:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               name: "93986",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93986",
            },
            {
               name: "40660",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/40660/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-8812",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, and GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, and GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Denial of Service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "93986",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93986",
                  },
                  {
                     name: "40660",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/40660/",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-8812",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-10-18T00:00:00",
      dateUpdated: "2024-08-06T02:35:01.168Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4960
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce (all versions) Version: Quadro, NVS, GeForce (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:39.887Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/ps500070",
               },
               {
                  name: "93251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93251",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Escalation of Privileges",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-13T17:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/ps500070",
            },
            {
               name: "93251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93251",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-4960",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Escalation of Privileges",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/ps500070",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/ps500070",
                  },
                  {
                     name: "93251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93251",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-4960",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-05-23T00:00:00",
      dateUpdated: "2024-08-06T00:46:39.887Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7382
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:57
Severity ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
Impacted products
Vendor Product Version
n/a Quadro, NVS, GeForce, and Tesla (all versions) Version: Quadro, NVS, GeForce, and Tesla (all versions)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:57:47.082Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/solutions/LEN-10822",
               },
               {
                  name: "94177",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94177",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Quadro, NVS, GeForce, and Tesla (all versions)",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Quadro, NVS, GeForce, and Tesla (all versions)",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Incorrect Access Control",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-18T21:57:01",
            orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
            shortName: "nvidia",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/solutions/LEN-10822",
            },
            {
               name: "94177",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94177",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@nvidia.com",
               ID: "CVE-2016-7382",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Quadro, NVS, GeForce, and Tesla (all versions)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Quadro, NVS, GeForce, and Tesla (all versions)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Incorrect Access Control",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://support.lenovo.com/us/en/solutions/LEN-10822",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/solutions/LEN-10822",
                  },
                  {
                     name: "94177",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94177",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6",
      assignerShortName: "nvidia",
      cveId: "CVE-2016-7382",
      datePublished: "2016-11-08T20:37:00",
      dateReserved: "2016-09-09T00:00:00",
      dateUpdated: "2024-08-06T01:57:47.082Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}