cvelistv5 - cve-2016-4961

CVE-2016-4961 (GCVE-0-2016-4961)

Vulnerability from cvelistv5 – Published: 2016-11-08 20:37 – Updated: 2024-08-06 00:46

Summary

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

nvidia

References

URL

Tags

	http://nvidia.custhelp.com/app/answers/detail/a_id/4213	x_refsource_CONFIRM
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/93251	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Quadro, NVS, GeForce (all versions)	Affected: Quadro, NVS, GeForce (all versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:39.870Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/ps500070"
          },
          {
            "name": "93251",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93251"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Quadro, NVS, GeForce (all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Quadro, NVS, GeForce (all versions)"
            }
          ]
        }
      ],
      "datePublic": "2016-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T17:57:01",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/ps500070"
        },
        {
          "name": "93251",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93251"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2016-4961",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Quadro, NVS, GeForce (all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Quadro, NVS, GeForce (all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/ps500070",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/ps500070"
            },
            {
              "name": "93251",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93251"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2016-4961",
    "datePublished": "2016-11-08T20:37:00",
    "dateReserved": "2016-05-23T00:00:00",
    "dateUpdated": "2024-08-06T00:46:39.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"-\", \"matchCriteriaId\": \"F36E098A-0BCE-41CF-8AF6-3C32E18C8256\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26641568-53CE-4606-B2CA-C25A97795A50\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02BAA7E2-E4F5-44C9-BEDF-7425B0C56578\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05A831E4-1119-45F0-B9A0-4D948ECD47E6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F50D6AC-3D1E-4E54-8422-B717456F6257\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03CBD29C-A606-45DE-B2FB-8572B986A4F0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44BF5DC1-4609-4F34-9511-785F7B119ADE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3724F083-A7FC-4069-AC35-FB8AA08B6CCD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B72BBAC-CEBD-4405-B1EC-7535794FF5EB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2C9365F-B4A5-4EA2-917B-2F07457017EB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D835EE77-6031-40D6-8305-F962F42E7018\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E884CEDD-CAA5-489D-A526-B628BB3DE460\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E3455DE-4408-4603-86B2-5ECE76ED459C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EAB33B6-E270-4C11-8E57-2BE127C86134\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF0C08C8-AC1B-4A01-903A-FB56B75CAE55\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B376C04-8A35-42E7-8937-1A466E89639A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F13EE983-724F-472B-BCF5-B416D1DF27E1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBDF0898-E092-42BA-A777-FB7C5FFC4D3C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41B48700-10AB-4194-94BC-D0F177D0B56A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD3B7EE4-080F-4E3C-8304-0837AC20ECCD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E03A4C2-72EF-44FC-9F97-626C8E8A17EA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3896B47E-8787-45D2-96B3-BF4892780F35\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"316C9573-7C7D-4429-8563-B74FD752AC51\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76ABA317-6621-4D57-874F-307451EC9C2E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"477D72B5-A3EA-440A-B495-8A09E8564E8D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2B507EE-F005-4806-A8FC-8C8D9A31B0DB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E707A80B-6482-47DD-8BF3-6E58BC2C697A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED233BC3-6982-41E1-9205-5159C17A4A56\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C186F38-89C7-4616-A424-201804F842C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60176B23-2751-4415-A0D3-DF1BE640F6C3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FABA79A-A70A-40A5-ADA7-893EAB42FE9E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.\"}, {\"lang\": \"es\", \"value\": \"Para los productos NVIDIA Quadro, NVS y GeForce, desinfecci\\u00f3n inadecuada de los par\\u00e1metros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegaci\\u00f3n de servicio (ca\\u00edda de pantalla azul) dentro de los controladores de gr\\u00e1ficos de NVIDIA Windows.\"}]",
      "id": "CVE-2016-4961",
      "lastModified": "2024-11-21T02:53:18.593",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-11-08T20:59:03.583",
      "references": "[{\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4213\", \"source\": \"psirt@nvidia.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93251\", \"source\": \"psirt@nvidia.com\"}, {\"url\": \"https://support.lenovo.com/us/en/product_security/ps500070\", \"source\": \"psirt@nvidia.com\"}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4213\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93251\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.lenovo.com/us/en/product_security/ps500070\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "psirt@nvidia.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4961\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2016-11-08T20:59:03.583\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.\"},{\"lang\":\"es\",\"value\":\"Para los productos NVIDIA Quadro, NVS y GeForce, desinfecci\u00f3n inadecuada de los par\u00e1metros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegaci\u00f3n de servicio (ca\u00edda de pantalla azul) dentro de los controladores de gr\u00e1ficos de NVIDIA Windows.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"-\",\"matchCriteriaId\":\"F36E098A-0BCE-41CF-8AF6-3C32E18C8256\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26641568-53CE-4606-B2CA-C25A97795A50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02BAA7E2-E4F5-44C9-BEDF-7425B0C56578\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05A831E4-1119-45F0-B9A0-4D948ECD47E6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F50D6AC-3D1E-4E54-8422-B717456F6257\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03CBD29C-A606-45DE-B2FB-8572B986A4F0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44BF5DC1-4609-4F34-9511-785F7B119ADE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3724F083-A7FC-4069-AC35-FB8AA08B6CCD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B72BBAC-CEBD-4405-B1EC-7535794FF5EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2C9365F-B4A5-4EA2-917B-2F07457017EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D835EE77-6031-40D6-8305-F962F42E7018\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E884CEDD-CAA5-489D-A526-B628BB3DE460\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3455DE-4408-4603-86B2-5ECE76ED459C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EAB33B6-E270-4C11-8E57-2BE127C86134\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF0C08C8-AC1B-4A01-903A-FB56B75CAE55\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B376C04-8A35-42E7-8937-1A466E89639A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F13EE983-724F-472B-BCF5-B416D1DF27E1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBDF0898-E092-42BA-A777-FB7C5FFC4D3C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41B48700-10AB-4194-94BC-D0F177D0B56A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3B7EE4-080F-4E3C-8304-0837AC20ECCD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E03A4C2-72EF-44FC-9F97-626C8E8A17EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3896B47E-8787-45D2-96B3-BF4892780F35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"316C9573-7C7D-4429-8563-B74FD752AC51\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76ABA317-6621-4D57-874F-307451EC9C2E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"477D72B5-A3EA-440A-B495-8A09E8564E8D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2B507EE-F005-4806-A8FC-8C8D9A31B0DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E707A80B-6482-47DD-8BF3-6E58BC2C697A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED233BC3-6982-41E1-9205-5159C17A4A56\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C186F38-89C7-4616-A424-201804F842C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60176B23-2751-4415-A0D3-DF1BE640F6C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FABA79A-A70A-40A5-ADA7-893EAB42FE9E\"}]}]}],\"references\":[{\"url\":\"http://nvidia.custhelp.com/app/answers/detail/a_id/4213\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93251\",\"source\":\"psirt@nvidia.com\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/ps500070\",\"source\":\"psirt@nvidia.com\"},{\"url\":\"http://nvidia.custhelp.com/app/answers/detail/a_id/4213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93251\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/ps500070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201611-0007

Vulnerability from variot - Updated: 2023-12-18 12:05

For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Multiple NVIDIA products are prone to multiple local privilege-escalation vulnerabilities and multiple local denial-of-service vulnerabilities. Local attackers can exploit these issues to gain elevated privileges or cause a denial-of-service condition

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0007",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "geforce experience",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "nvidia",
        "version": null
      },
      {
        "model": "geforce experience",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nvidia",
        "version": "(windows)"
      },
      {
        "model": "geforce experience",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "nvidia",
        "version": null
      },
      {
        "model": "quadro r367",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "quadro r361",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "quadro r352",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "quadro r340",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "nvs r367",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "nvs r361",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "nvs r352",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "nvs r340",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "geforce r367",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "geforce r340",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "0"
      },
      {
        "model": "thinkstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "0"
      },
      {
        "model": "thinkserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "0"
      },
      {
        "model": "thinkpad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "0"
      },
      {
        "model": "system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "x0"
      },
      {
        "model": "ideapad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "0"
      },
      {
        "model": "desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "0"
      },
      {
        "model": "system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "x0"
      },
      {
        "model": "quadro r367",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "368.39"
      },
      {
        "model": "quadro r361",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "362.77"
      },
      {
        "model": "quadro r352",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "354.99"
      },
      {
        "model": "quadro r340",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "341.96"
      },
      {
        "model": "nvs r367",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "368.39"
      },
      {
        "model": "nvs r361",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "362.77"
      },
      {
        "model": "nvs r352",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "354.99"
      },
      {
        "model": "nvs r340",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "341.96"
      },
      {
        "model": "geforce r367",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "368.69"
      },
      {
        "model": "geforce r340",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "nvidia",
        "version": "341.96"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "-",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alin Ghica, Joseph Bialek of Microsoft Vulnerability Research and Daniel Cornel.",
    "sources": [
      {
        "db": "BID",
        "id": "93251"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-4961",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 4.9,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-4961",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-4961",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-4961",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-126",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. Multiple NVIDIA products are prone to multiple local privilege-escalation vulnerabilities and multiple local denial-of-service vulnerabilities. \nLocal attackers can exploit these issues to gain elevated privileges or cause a denial-of-service condition",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "BID",
        "id": "93251"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-4961",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "93251",
        "trust": 1.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "id": "VAR-201611-0007",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.215972225
  },
  "last_update_date": "2023-12-18T12:05:17.399000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security Bulletin: Multiple vulnerabilities affect Quadro, NVS, and GeForce Windows based systems",
        "trust": 0.8,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
      },
      {
        "title": "NVIDIA Quadro , NVS  and GeForce Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65295"
      },
      {
        "title": "NVIDIA Quadro , NVS  and GeForce Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65444"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
      },
      {
        "trust": 1.3,
        "url": "https://support.lenovo.com/us/en/product_security/ps500070"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/93251"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4961"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4961"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/zh/product_security/ps500070"
      },
      {
        "trust": 0.3,
        "url": "http://www.nvidia.com"
      },
      {
        "trust": 0.3,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213/~/security-bulletin%3a-multiple-vulnerabilities-affect-quadro,-nvs,-and-geforce"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "93251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-11T00:00:00",
        "db": "BID",
        "id": "93251"
      },
      {
        "date": "2016-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "date": "2016-11-08T20:59:03.583000",
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "date": "2016-09-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-03T00:03:00",
        "db": "BID",
        "id": "93251"
      },
      {
        "date": "2016-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      },
      {
        "date": "2016-12-15T02:59:44.637000",
        "db": "NVD",
        "id": "CVE-2016-4961"
      },
      {
        "date": "2016-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "93251"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  NVIDIA Product  Windows GPU Service operation disruption in display drivers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005838"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-126"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2016-AVI-285

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits NVIDIA. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	NVIDIA GeForce branche R367 versions antérieures à 368.69
N/A	N/A	NVIDIA Quadro ou NVS branche R352 versions antérieures à 354.99
N/A	N/A	NVIDIA Quadro ou NVS branche R340 versions antérieures à 341.96
N/A	N/A	NVIDIA GeForce branche R340 versions antérieures à 341.96
N/A	N/A	NVIDIA Quadro ou NVS branche R367 versions antérieures à 368.39
N/A	N/A	NVIDIA Quadro ou NVS branche R361 versions antérieures à 362.77

References

Title

Publication Time

Tags

Bulletin de sécurité NVIDIA du 11 août 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NVIDIA GeForce branche R367 versions ant\u00e9rieures \u00e0 368.69",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R352 versions ant\u00e9rieures \u00e0 354.99",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R340 versions ant\u00e9rieures \u00e0 341.96",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA GeForce branche R340 versions ant\u00e9rieures \u00e0 341.96",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R367 versions ant\u00e9rieures \u00e0 368.39",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R361 versions ant\u00e9rieures \u00e0 362.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4959"
    },
    {
      "name": "CVE-2016-4960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4960"
    },
    {
      "name": "CVE-2016-5025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5025"
    },
    {
      "name": "CVE-2016-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3161"
    },
    {
      "name": "CVE-2016-5852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5852"
    },
    {
      "name": "CVE-2016-4961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4961"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-285",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-08-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits NVIDIA\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NVIDIA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NVIDIA du 11 ao\u00fbt 2016",
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
    }
  ]
}

CERTFR-2016-AVI-285

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	NVIDIA GeForce branche R367 versions antérieures à 368.69
N/A	N/A	NVIDIA Quadro ou NVS branche R352 versions antérieures à 354.99
N/A	N/A	NVIDIA Quadro ou NVS branche R340 versions antérieures à 341.96
N/A	N/A	NVIDIA GeForce branche R340 versions antérieures à 341.96
N/A	N/A	NVIDIA Quadro ou NVS branche R367 versions antérieures à 368.39
N/A	N/A	NVIDIA Quadro ou NVS branche R361 versions antérieures à 362.77

References

Title

Publication Time

Tags

Bulletin de sécurité NVIDIA du 11 août 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NVIDIA GeForce branche R367 versions ant\u00e9rieures \u00e0 368.69",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R352 versions ant\u00e9rieures \u00e0 354.99",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R340 versions ant\u00e9rieures \u00e0 341.96",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA GeForce branche R340 versions ant\u00e9rieures \u00e0 341.96",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R367 versions ant\u00e9rieures \u00e0 368.39",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NVIDIA Quadro ou NVS branche R361 versions ant\u00e9rieures \u00e0 362.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4959"
    },
    {
      "name": "CVE-2016-4960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4960"
    },
    {
      "name": "CVE-2016-5025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5025"
    },
    {
      "name": "CVE-2016-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3161"
    },
    {
      "name": "CVE-2016-5852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5852"
    },
    {
      "name": "CVE-2016-4961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4961"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-285",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-08-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits NVIDIA\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NVIDIA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NVIDIA du 11 ao\u00fbt 2016",
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
    }
  ]
}

GHSA-65XQ-X9JJ-JF35

Vulnerability from github – Published: 2022-05-17 03:21 – Updated: 2022-05-17 03:21

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4961"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-11-08T20:59:00Z",
    "severity": "MODERATE"
  },
  "details": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
  "id": "GHSA-65xq-x9jj-jf35",
  "modified": "2022-05-17T03:21:40Z",
  "published": "2022-05-17T03:21:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4961"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/ps500070"
    },
    {
      "type": "WEB",
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93251"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2016-4961

Vulnerability from fkie_nvd - Published: 2016-11-08 20:59 - Updated: 2025-04-12 10:46

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@nvidia.com	http://nvidia.custhelp.com/app/answers/detail/a_id/4213	Patch, Vendor Advisory
psirt@nvidia.com	http://www.securityfocus.com/bid/93251
psirt@nvidia.com	https://support.lenovo.com/us/en/product_security/ps500070
af854a3a-2127-422b-91ae-364da2661108	http://nvidia.custhelp.com/app/answers/detail/a_id/4213	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93251
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/ps500070

Impacted products

Vendor	Product	Version
nvidia	geforce_experience	*
nvidia	geforce_910m	-
nvidia	geforce_920m	-
nvidia	geforce_920mx	-
nvidia	geforce_930m	-
nvidia	geforce_930mx	-
nvidia	geforce_940m	-
nvidia	geforce_940mx	-
nvidia	geforce_945m	-
nvidia	geforce_gt_710	-
nvidia	geforce_gt_730	-
nvidia	geforce_gtx_1050	-
nvidia	geforce_gtx_1060	-
nvidia	geforce_gtx_1070	-
nvidia	geforce_gtx_1080	-
nvidia	geforce_gtx_950m	-
nvidia	geforce_gtx_960m	-
nvidia	geforce_gtx_965m	-
nvidia	nvs_310	-
nvidia	nvs_315	-
nvidia	nvs_510	-
nvidia	nvs_810	-
nvidia	quadro_k1200	-
nvidia	quadro_k420	-
nvidia	quadro_k620	-
nvidia	quadro_m1000m	-
nvidia	quadro_m2000	-
nvidia	quadro_m2000m	-
nvidia	quadro_m3000m	-
nvidia	quadro_m4000	-
nvidia	quadro_m4000m	-
nvidia	quadro_m5000	-
nvidia	quadro_m5000m	-
nvidia	quadro_m500m	-
nvidia	quadro_m5500	-
nvidia	quadro_m6000	-
nvidia	quadro_m600m	-
nvidia	quadro_p5000	-
nvidia	quadro_p6000	-
nvidia	titan_x	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
              "versionEndIncluding": "-",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
    },
    {
      "lang": "es",
      "value": "Para los productos NVIDIA Quadro, NVS y GeForce, desinfecci\u00f3n inadecuada de los par\u00e1metros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegaci\u00f3n de servicio (ca\u00edda de pantalla azul) dentro de los controladores de gr\u00e1ficos de NVIDIA Windows."
    }
  ],
  "id": "CVE-2016-4961",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-11-08T20:59:03.583",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "http://www.securityfocus.com/bid/93251"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://support.lenovo.com/us/en/product_security/ps500070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93251"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/us/en/product_security/ps500070"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-4961

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-4961

Aliases

CVE-2016-4961

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4961",
    "description": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
    "id": "GSD-2016-4961"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4961"
      ],
      "details": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",
      "id": "GSD-2016-4961",
      "modified": "2023-12-13T01:21:18.462039Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@nvidia.com",
        "ID": "CVE-2016-4961",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Quadro, NVS, GeForce (all versions)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Quadro, NVS, GeForce (all versions)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
            "refsource": "CONFIRM",
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
          },
          {
            "name": "https://support.lenovo.com/us/en/product_security/ps500070",
            "refsource": "CONFIRM",
            "url": "https://support.lenovo.com/us/en/product_security/ps500070"
          },
          {
            "name": "93251",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93251"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "-",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2016-4961"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
            },
            {
              "name": "93251",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/93251"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/ps500070",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.lenovo.com/us/en/product_security/ps500070"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-12-15T02:59Z",
      "publishedDate": "2016-11-08T20:59Z"
    }
  }
}

CNVD-2016-09611

Vulnerability from cnvd - Published: 2016-10-20

Title

NVIDIA拒绝服务漏洞（CNVD-2016-09611）

Description

NVIDIA（全称为NVIDIA Corporation，NASDAQ：NVDA，官方中文名称英伟达），创立于1993年1月，是一家以设计智核芯片组为主的无晶圆（Fabless）IC半导体公司。 NVIDIA中存在拒绝服务漏洞，由于在NVStreamKMS.sys API layer未能充分过滤用户输入。攻击者利用该漏洞导致拒绝服务（蓝屏崩溃）。

Severity

中

Patch Name

NVIDIA拒绝服务漏洞（CNVD-2016-09611）的补丁

Patch Description

Formal description

目前厂商已经发布更新，详情请关注厂商主页或有关网址： http://www.nvidia.com/content/global/global.php

Reference

http://nvidia.custhelp.com/app/answers/detail/a_id/4213/~/security-bulletin%3A-multiple-vulnerabilities-affect-quadro,-nvs,-and-geforce

Impacted products

Name
['NVIDIA Quadro', 'NVIDIA NVS', 'NVIDIA GeForce']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4961"
    }
  },
  "description": "NVIDIA\uff08\u5168\u79f0\u4e3aNVIDIA Corporation\uff0cNASDAQ\uff1aNVDA\uff0c\u5b98\u65b9\u4e2d\u6587\u540d\u79f0\u82f1\u4f1f\u8fbe\uff09\uff0c\u521b\u7acb\u4e8e1993\u5e741\u6708\uff0c\u662f\u4e00\u5bb6\u4ee5\u8bbe\u8ba1\u667a\u6838\u82af\u7247\u7ec4\u4e3a\u4e3b\u7684\u65e0\u6676\u5706\uff08Fabless\uff09IC\u534a\u5bfc\u4f53\u516c\u53f8\u3002\r\n\r\nNVIDIA\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u7531\u4e8e\u5728NVStreamKMS.sys API layer\u672a\u80fd\u5145\u5206\u8fc7\u6ee4\u7528\u6237\u8f93\u5165\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u84dd\u5c4f\u5d29\u6e83\uff09\u3002",
  "discovererName": "NVIDIA",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u66f4\u65b0\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u6709\u5173\u7f51\u5740\uff1a\r\nhttp://www.nvidia.com/content/global/global.php",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09611",
  "openTime": "2016-10-20",
  "patchDescription": "NVIDIA\uff08\u5168\u79f0\u4e3aNVIDIA Corporation\uff0cNASDAQ\uff1aNVDA\uff0c\u5b98\u65b9\u4e2d\u6587\u540d\u79f0\u82f1\u4f1f\u8fbe\uff09\uff0c\u521b\u7acb\u4e8e1993\u5e741\u6708\uff0c\u662f\u4e00\u5bb6\u4ee5\u8bbe\u8ba1\u667a\u6838\u82af\u7247\u7ec4\u4e3a\u4e3b\u7684\u65e0\u6676\u5706\uff08Fabless\uff09IC\u534a\u5bfc\u4f53\u516c\u53f8\u3002\r\n\r\nNVIDIA\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u7531\u4e8e\u5728NVStreamKMS.sys API layer\u672a\u80fd\u5145\u5206\u8fc7\u6ee4\u7528\u6237\u8f93\u5165\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u84dd\u5c4f\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "NVIDIA\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09611\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "NVIDIA Quadro",
      "NVIDIA NVS",
      "NVIDIA GeForce"
    ]
  },
  "referenceLink": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213/~/security-bulletin%3A-multiple-vulnerabilities-affect-quadro,-nvs,-and-geforce",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-13",
  "title": "NVIDIA\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09611\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4961 (GCVE-0-2016-4961)

VAR-201611-0007

CERTFR-2016-AVI-285

Solution

CERTFR-2016-AVI-285

Solution

GHSA-65XQ-X9JJ-JF35

FKIE_CVE-2016-4961

GSD-2016-4961

CNVD-2016-09611

Tags

Sightings

Nomenclature